Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2017-12617
Vulnerability from cvelistv5
Published
2017-10-03 15:00
Modified
2025-02-04 18:46
Severity ?
EPSS score ?
Summary
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Tomcat |
Version: 9.0.0.M1 to 9.0.0 Version: 8.5.0 to 8.5.22 Version: 8.0.0.RC1 to 8.0.46 Version: 7.0.0 to 7.0.81 |
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2022-03-25
Due date: 2022-04-15
Required action: Apply updates per vendor instructions.
Used in ransomware: Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-12617
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:56.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:3113",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3113"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "RHSA-2017:3080",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us"
},
{
"name": "RHSA-2018:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0269"
},
{
"name": "42966",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42966/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03812en_us"
},
{
"name": "RHSA-2018:0270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0270"
},
{
"name": "RHSA-2018:0271",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0271"
},
{
"name": "[debian-lts-announce] 20171107 [SECURITY] [DLA 1166-1] tomcat7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00009.html"
},
{
"name": "RHSA-2018:2939",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2939"
},
{
"name": "RHSA-2018:0465",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
},
{
"name": "USN-3665-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3665-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:0268",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0268"
},
{
"name": "RHSA-2017:3114",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3114"
},
{
"name": "43008",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/43008/"
},
{
"name": "1039552",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039552"
},
{
"name": "100954",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100954"
},
{
"name": "RHSA-2018:0275",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0275"
},
{
"name": "RHSA-2018:0466",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
},
{
"name": "[announce] 20171003 [SECURITY] CVE-2017-12617 Apache Tomcat Remote Code Execution via JSP upload",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb%40%3Cannounce.tomcat.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20171018-0002/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0002/"
},
{
"name": "RHSA-2017:3081",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3081"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [24/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [23/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K53173544"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857496 [3/4] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [18/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [24/30] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [28/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2017-12617",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T18:46:14.471455Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-12617"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T18:46:52.662Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Apache Tomcat",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "9.0.0.M1 to 9.0.0"
},
{
"status": "affected",
"version": "8.5.0 to 8.5.22"
},
{
"status": "affected",
"version": "8.0.0.RC1 to 8.0.46"
},
{
"status": "affected",
"version": "7.0.0 to 7.0.81"
}
]
}
],
"datePublic": "2017-10-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-13T16:09:13.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "RHSA-2017:3113",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3113"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "RHSA-2017:3080",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us"
},
{
"name": "RHSA-2018:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0269"
},
{
"name": "42966",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42966/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03812en_us"
},
{
"name": "RHSA-2018:0270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0270"
},
{
"name": "RHSA-2018:0271",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0271"
},
{
"name": "[debian-lts-announce] 20171107 [SECURITY] [DLA 1166-1] tomcat7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00009.html"
},
{
"name": "RHSA-2018:2939",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2939"
},
{
"name": "RHSA-2018:0465",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
},
{
"name": "USN-3665-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3665-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:0268",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0268"
},
{
"name": "RHSA-2017:3114",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3114"
},
{
"name": "43008",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/43008/"
},
{
"name": "1039552",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039552"
},
{
"name": "100954",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100954"
},
{
"name": "RHSA-2018:0275",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0275"
},
{
"name": "RHSA-2018:0466",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
},
{
"name": "[announce] 20171003 [SECURITY] CVE-2017-12617 Apache Tomcat Remote Code Execution via JSP upload",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb%40%3Cannounce.tomcat.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20171018-0002/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0002/"
},
{
"name": "RHSA-2017:3081",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3081"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [24/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [23/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K53173544"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857496 [3/4] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [18/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [24/30] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [28/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2017-10-03T00:00:00",
"ID": "CVE-2017-12617",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Tomcat",
"version": {
"version_data": [
{
"version_value": "9.0.0.M1 to 9.0.0"
},
{
"version_value": "8.5.0 to 8.5.22"
},
{
"version_value": "8.0.0.RC1 to 8.0.46"
},
{
"version_value": "7.0.0 to 7.0.81"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:3113",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3113"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "RHSA-2017:3080",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us"
},
{
"name": "RHSA-2018:0269",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0269"
},
{
"name": "42966",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42966/"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03812en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03812en_us"
},
{
"name": "RHSA-2018:0270",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0270"
},
{
"name": "RHSA-2018:0271",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0271"
},
{
"name": "[debian-lts-announce] 20171107 [SECURITY] [DLA 1166-1] tomcat7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00009.html"
},
{
"name": "RHSA-2018:2939",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2939"
},
{
"name": "RHSA-2018:0465",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
},
{
"name": "USN-3665-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3665-1/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:0268",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0268"
},
{
"name": "RHSA-2017:3114",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3114"
},
{
"name": "43008",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43008/"
},
{
"name": "1039552",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039552"
},
{
"name": "100954",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100954"
},
{
"name": "RHSA-2018:0275",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0275"
},
{
"name": "RHSA-2018:0466",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
},
{
"name": "[announce] 20171003 [SECURITY] CVE-2017-12617 Apache Tomcat Remote Code Execution via JSP upload",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb@%3Cannounce.tomcat.apache.org%3E"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171018-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171018-0002/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0002/"
},
{
"name": "RHSA-2017:3081",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3081"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [24/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [23/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "https://support.f5.com/csp/article/K53173544",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K53173544"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857496 [3/4] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [18/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [24/30] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [28/34] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-12617",
"datePublished": "2017-10-03T15:00:00.000Z",
"dateReserved": "2017-08-07T00:00:00.000Z",
"dateUpdated": "2025-02-04T18:46:52.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2017-12617",
"cwes": "[\"CWE-434\"]",
"dateAdded": "2022-03-25",
"dueDate": "2022-04-15",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"product": "Tomcat",
"requiredAction": "Apply updates per vendor instructions.",
"shortDescription": "When running Apache Tomcat, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.",
"vendorProject": "Apache",
"vulnerabilityName": "Apache Tomcat Remote Code Execution Vulnerability"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-12617\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2017-10-04T01:29:02.120\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.\"},{\"lang\":\"es\",\"value\":\"Al ejecutar Apache Tomcat desde la versi\u00f3n 9.0.0.M1 hasta la 9.0.0, desde la 8.5.0 hasta la 8.5.22, desde la 8.0.0.RC1 hasta la 8.0.46 y desde la 7.0.0 hasta la 7.0.81 con los HTTP PUT habilitados (por ejemplo, configurando el par\u00e1metro de inicializaci\u00f3n de solo lectura del servlet Default a \\\"false\\\"), es posible subir un archivo JSP al servidor mediante una petici\u00f3n especialmente manipulada. Este JSP se puede despu\u00e9s solicitar y cualquier c\u00f3digo que contenga se ejecutar\u00eda por el servidor.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-03-25\",\"cisaActionDue\":\"2022-04-15\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Apache Tomcat Remote Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-434\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-434\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.0.82\",\"matchCriteriaId\":\"A7286E06-DA84-401D-8FB8-DEEF6A171C88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0\",\"versionEndExcluding\":\"8.0.47\",\"matchCriteriaId\":\"2C385FE9-F78C-49BC-AE87-5FE1A9BD7ED3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.5.0\",\"versionEndExcluding\":\"8.5.23\",\"matchCriteriaId\":\"EF72650E-5826-4ABB-9B7D-43C96DB3B9B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndExcluding\":\"9.0.1\",\"matchCriteriaId\":\"817D7E47-947E-4A2F-A8AB-1302D5DF6684\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"8D305F7A-D159-4716-AB26-5E38BB5CD991\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9070C9D8-A14A-467F-8253-33B966C16886\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"B3293E55-5506-4587-A318-D1734F781C09\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D14ABF04-E460-4911-9C6C-B7BCEFE68E9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_plm:9.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCF62B0C-A8BD-40E6-9E4E-E684F4E87ACD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_plm:9.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED43772F-D280-42F6-A292-7198284D6FE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C650FEDB-E903-4C2D-AD40-282AB5F2E3C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"622B95F1-8FA4-4AA6-9B68-5FE4302BA150\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:endeca_information_discovery_integrator:3.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B65CD29-C729-42AC-925E-014BA19581E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:endeca_information_discovery_integrator:3.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E856B4A-6AE7-4317-921A-35B4D2048652\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:12.1.0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"815E0C5E-00DF-4AD2-AE97-A752B3DC1631\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.3.0.0\",\"versionEndIncluding\":\"7.3.5.3.0\",\"matchCriteriaId\":\"4C3CFCCE-A8D4-4B78-9C37-88238580B5DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0.0.0\",\"versionEndIncluding\":\"8.0.9.0.0\",\"matchCriteriaId\":\"9380A86A-7A58-477F-A697-B6692E18B4B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:fmw_platform:12.2.1.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"657387A7-DFD9-4CDC-968A-3F3970FDE224\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:fmw_platform:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C5E9A12-BFE9-4963-A360-A34168A6BF6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:health_sciences_empirica_inspections:1.0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26CD44C0-F9DD-46F0-A4C1-2C2639217B4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A3DC116-2844-47A1-BEC2-D0675DD97148\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0F1DF3E-0F2D-4EFC-9A3E-F72149C8AE94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:management_pack:11.2.1.0.13:*:*:*:*:goldengate:*:*\",\"matchCriteriaId\":\"5EB9E1EA-E136-4B09-9BBB-D7D48D993349\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:micros_lucas:2.9.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98EE20FD-3D21-4E23-95B8-7BD13816EB95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78933DD0-F774-4E60-BC66-D5A57919717A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8ECA7A7E-8177-4FD4-B9B9-F4B1B6F43F98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73C9A2AD-F384-44D5-AB33-86B7250760A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEB4EB87-5ABB-437D-BDAC-FB64F33929FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA3F5761-E2A0-4F67-BAE1-503877676BF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1E3C86B-4483-430A-856D-7EAB7D388D2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.3.6.3293\",\"matchCriteriaId\":\"FF9C223C-BC90-4253-A009-53DEDEE9C1CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.4.0\",\"versionEndIncluding\":\"3.4.4.4226\",\"matchCriteriaId\":\"52886BA2-204E-4F0E-B22F-CE5FDFCC98B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndIncluding\":\"4.0.0.5135\",\"matchCriteriaId\":\"6470AB3F-ADE2-4BA2-A6B9-E094C927CC77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_advanced_inventory_planning:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8193A06-3F6B-4F5A-AA58-B1B0AB3A87A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_advanced_inventory_planning:13.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE65A212-7385-4973-A9C8-FB9C2F9F745F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56239DBD-E294-44A4-9DD3-CEEC58C1BC0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_advanced_inventory_planning:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"517E0654-F1DE-43C4-90B5-FB90CA31734B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_back_office:14.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB363B97-8D71-4FC5-AF88-B6A0040E3D04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_back_office:14.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92978070-A3FD-45E7-8A19-C6324116416B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_central_office:14.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74D44D74-4402-4569-B335-AFB5F80424ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_central_office:14.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ABB11E1-AD2A-47AA-A5AA-49D94B50CEC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_convenience_and_fuel_pos_software:2.1.132:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA5B8931-D3B4-46A9-B1A0-9A6BBA365FC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_eftlink:1.1.124:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD00C4A5-D05A-4C64-A50C-B8CE182FFB5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_eftlink:15.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25AC9F0D-4476-41AC-A7AB-5DE52135D8D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_eftlink:16.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4DF6FE2-35CB-43AB-95F4-40C909DEC69F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_insights:14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DCCBA87-C934-4B94-A5F2-B459FF9CBEC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_insights:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D962EF0-D6E1-4B1F-9F50-0E30C3B5CF4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_insights:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B3935CB-58D4-49A4-B3D4-D0DA0CD12F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_insights:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"269BCEDB-57A1-4611-A009-29791E0EF9A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_invoice_matching:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51D1FAEE-65FD-47EB-9F4D-505C72000F3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_invoice_matching:13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C45FF05-FB76-4782-891E-F4A8A4871A22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_invoice_matching:13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C03ED7B-3826-4D6D-89C5-61DE12E27213\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_invoice_matching:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8893CB1D-F18C-404D-BC06-CA2617BFAE58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_invoice_matching:14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42227DD8-6671-4B38-9E42-4ACF78F09C97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_invoice_matching:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69962BD9-A102-4621-9461-018E87261657\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_invoice_matching:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"788F2530-F011-4489-8029-B3468BAF7787\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_invoice_matching:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D939BB4-9D34-43A4-A19C-1CC90DB748FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4E864D4-96C0-4FD5-993F-7E2472893FF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAA4DF85-9225-4422-BF10-D7DAE7DCE007\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77C2A2A4-285B-40A1-B9AD-42219D742DD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE8CF045-09BB-4069-BCEC-496D5AE3B780\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38E74E68-7F19-4EF3-AC00-3C249EAAA39E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_management_system:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01FFED25-C781-45CA-8F3B-7A75D5F1E126\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_management_system:4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA5092E0-0F34-4330-BE16-B0D5FF4C91E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_management_system:4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBBC99BE-E550-482C-B759-6032E6593D09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_management_system:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66CAA1FF-02B0-4479-8349-DEB19208A21C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_point-of-service:14.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C47CC5A-5A12-4058-9F60-A50E2D2040BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_point-of-service:14.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1CE1F19-1F07-4CBB-9930-F47394ED8054\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_price_management:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FABD1A02-06F9-48A7-A22D-10DCD24938E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_price_management:13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06992F7E-3BCA-4489-AD12-534C50CE6E6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_price_management:13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6D3F48B-E5F3-4412-815A-6C1E23E98674\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_price_management:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C19C5CC9-544A-4E4D-8F0A-579BB5270F07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_price_management:14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"891E192D-BA12-4D89-8D18-C93D2F26A369\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_price_management:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B956113-5B3B-436D-858B-8F29FB304364\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_price_management:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E8917F6-00E7-47EC-B86D-A3B11D5F0E0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_price_management:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFC5F424-119D-4C66-8251-E735EEFBC0BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_returns_management:2.3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B31A871-77CF-455F-A28A-FBCE595D51DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_returns_management:2.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"892B1AB5-B0DC-4E57-B22F-0196A9F22CE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_returns_management:14.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E9002D8-133F-4AB2-8475-4B0A464D0021\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_returns_management:14.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B529695B-B859-4A1B-9873-6C870201879F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_store_inventory_management:12.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F26748F3-1952-43B2-8847-264257ECBF10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_store_inventory_management:13.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142391D3-E38C-4F0E-9BB1-034DC28FAF75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_store_inventory_management:13.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"555925C7-3345-48F8-9FD9-0E6C1E83E960\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_store_inventory_management:13.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0953CAB4-B627-419D-9B8A-7C776A4FC18F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_store_inventory_management:14.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E703304-0752-46F2-998B-A3D37C9E7A54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_store_inventory_management:14.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"722969B5-36CD-4413-954B-347BB7E51FAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_store_inventory_management:15.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5BE74EA-FC65-4A23-B5AA-1FC97390ADAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_store_inventory_management:16.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AAFAA67-42E9-4B4E-9DC7-A38275FD45CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:6.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7A0E714-AC23-49B5-A36C-D10FA4699561\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89B3354D-3929-4AEC-AAE0-7F573341FD6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55901EF7-B71C-40B3-B276-FDA6381F051F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"385D40CC-5AA0-4DAB-A2E7-F3A3CFF95BA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:transportation_management:6.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7A714FB-050A-4040-BC57-C22FA4DD58D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:transportation_management:6.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A775321B-6DFB-4770-8F6D-D34D655438AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:transportation_management:6.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"835BB7D9-633C-4CB3-8E8F-CA6FD62E587A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:transportation_management:6.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48FE41BA-1E3C-4626-930F-3F8FEE124A78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:transportation_management:6.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40F284EF-05CF-4CF5-B7CA-F58AE01DA3B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:transportation_management:6.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C09892E8-D580-488A-A80E-B358D682A25A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:transportation_management:6.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A58642E0-CA59-4DE6-A83C-F551FC621C32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:tuxedo_system_and_applications_monitor:12.1.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7072B3F-88AE-4432-879B-9D8208C67C74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BB4709C-6373-43CC-918C-876A6569865A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:workload_manager:12.2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD848FE1-CFD7-490C-B008-DF3B30F3256F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*\",\"versionStartIncluding\":\"7.3\",\"matchCriteriaId\":\"BD075607-09B7-493E-8611-66D041FFDA62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*\",\"versionStartIncluding\":\"9.5\",\"matchCriteriaId\":\"0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BD81527-A341-42C3-9AB9-880D3DB04B08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5735E553-9731-4AAC-BCFF-989377F817B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDFB1169-41A0-4A86-8E4F-FDA9730B1E94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:element:-:*:*:*:*:vcenter_server:*:*\",\"matchCriteriaId\":\"5E1DE4F5-9094-4C73-AA1B-5C902F38DD24\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"077732DB-F5F3-4E9C-9AC0-8142AB85B32F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B142ACCC-F7A9-4A3B-BE60-0D6691D5058D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1ABA871-3271-48E2-A69C-5AD70AF94E53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"681173DF-537E-4A64-8FC7-75F439CCAD0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E2F2F98-DB90-43F6-8F28-3656207B6188\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_web_server_text-only_advisories:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08E5BFFC-F3E0-43E6-BA40-81B2A8B7CC01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F96E3779-F56A-45FF-BB3D-4980527D721E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CF73560-2F5B-4723-A8A1-9AADBB3ADA00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BF3C7A5-9117-42C7-BEA1-4AA378A582EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83737173-E12E-4641-BC49-0BD84A6B29D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46DD0CA2-3786-4E97-A60C-5043FDDBCB86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55E4609A-C986-4041-A528-1B4B37E1F6F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92BDD126-A468-47D9-A468-6E229D75939D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DAA8C42-870A-42B4-AE9F-7C67F4122ED3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C84EAAE7-0249-4EA1-B8D3-E039B03ACDC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2148300C-ECBD-4ED5-A164-79629859DD43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.4_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B908AEF5-67CE-42D4-961D-C0E7ADB78ADD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.5_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F8EB695-5EA3-46D2-941E-D7F01AB99A48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.6_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E1DB003-76B8-4D7B-A6ED-5064C3AE1C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.7_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFC68D88-3CD3-4A3D-A01B-E9DBACD9B9CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D8D654F-2442-4EA0-AF89-6AC2CD214772\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BCF87FD-9358-42A5-9917-25DF0180A5A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B8B2E32-B838-4E51-BAA2-764089D2A684\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4319B943-7B19-468D-A160-5895F7F997A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8036E2AE-4E44-4FA5-AFFB-A3724BFDD654\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4A684C7-88FD-43C4-9BDB-AE337FCBD0AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.4_ppc64le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9A24D0C-604D-4421-AFA6-5D541DA2E94D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.5_ppc64le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A2E3637-B6A6-4DA9-8B0A-E91F22130A45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.6_ppc64le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F81F859C-DA89-4D1E-91D3-A000AD646203\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.7_ppc64le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"418488A5-2912-406C-9337-B8E85D0C2B57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D99A687E-EAE6-417E-A88E-D0082BC194CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B353CE99-D57C-465B-AAB0-73EF581127D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7431ABC1-9252-419E-8CC1-311B41360078\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5F7E11E-FB34-4467-8919-2B6BEAABF665\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17F256A9-D3B9-4C72-B013-4EFD878BFEA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]}],\"references\":[{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/100954\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039552\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3080\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3081\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3113\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3114\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0268\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0269\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0270\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0271\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0275\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0465\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0466\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2939\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb%40%3Cannounce.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2017/11/msg00009.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20171018-0002/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180117-0002/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K53173544\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03812en_us\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3665-1/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/42966/\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/43008/\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/100954\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039552\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3080\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3081\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3113\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3114\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0268\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0269\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0270\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0271\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0275\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0465\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0466\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2939\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb%40%3Cannounce.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2017/11/msg00009.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20171018-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180117-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K53173544\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03812en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3665-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/42966/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/43008/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2017:3113\", \"name\": \"RHSA-2017:3113\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3080\", \"name\": \"RHSA-2017:3080\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0269\", \"name\": \"RHSA-2018:0269\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/42966/\", \"name\": \"42966\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03812en_us\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0270\", \"name\": \"RHSA-2018:0270\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0271\", \"name\": \"RHSA-2018:0271\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2017/11/msg00009.html\", \"name\": \"[debian-lts-announce] 20171107 [SECURITY] [DLA 1166-1] tomcat7 security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2939\", \"name\": \"RHSA-2018:2939\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0465\", \"name\": \"RHSA-2018:0465\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3665-1/\", \"name\": \"USN-3665-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0268\", \"name\": \"RHSA-2018:0268\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3114\", \"name\": \"RHSA-2017:3114\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/43008/\", \"name\": \"43008\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1039552\", \"name\": \"1039552\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/100954\", \"name\": \"100954\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0275\", \"name\": \"RHSA-2018:0275\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0466\", \"name\": \"RHSA-2018:0466\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb%40%3Cannounce.tomcat.apache.org%3E\", \"name\": \"[announce] 20171003 [SECURITY] CVE-2017-12617 Apache Tomcat Remote Code Execution via JSP upload\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20171018-0002/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180117-0002/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3081\", \"name\": \"RHSA-2017:3081\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190319 svn commit: r1855831 [24/30] - in /tomcat/site/trunk: ./ docs/ xdocs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190325 svn commit: r1856174 [23/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://support.f5.com/csp/article/K53173544\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190413 svn commit: r1857496 [3/4] - in /tomcat/site/trunk: ./ docs/ xdocs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190415 svn commit: r1857582 [18/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200203 svn commit: r1873527 [24/30] - /tomcat/site/trunk/docs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200203 svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200213 svn commit: r1873980 [28/34] - /tomcat/site/trunk/docs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200213 svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T18:43:56.415Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2017-12617\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-04T18:46:14.471455Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-03-25\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-12617\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-434\", \"description\": \"CWE-434 Unrestricted Upload of File with Dangerous Type\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-04T18:46:26.334Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Tomcat\", \"versions\": [{\"status\": \"affected\", \"version\": \"9.0.0.M1 to 9.0.0\"}, {\"status\": \"affected\", \"version\": \"8.5.0 to 8.5.22\"}, {\"status\": \"affected\", \"version\": \"8.0.0.RC1 to 8.0.46\"}, {\"status\": \"affected\", \"version\": \"7.0.0 to 7.0.81\"}]}], \"datePublic\": \"2017-10-03T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2017:3113\", \"name\": \"RHSA-2017:3113\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3080\", \"name\": \"RHSA-2017:3080\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0269\", \"name\": \"RHSA-2018:0269\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://www.exploit-db.com/exploits/42966/\", \"name\": \"42966\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03812en_us\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0270\", \"name\": \"RHSA-2018:0270\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0271\", \"name\": \"RHSA-2018:0271\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2017/11/msg00009.html\", \"name\": \"[debian-lts-announce] 20171107 [SECURITY] [DLA 1166-1] tomcat7 security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2939\", \"name\": \"RHSA-2018:2939\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0465\", \"name\": \"RHSA-2018:0465\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://usn.ubuntu.com/3665-1/\", \"name\": \"USN-3665-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0268\", \"name\": \"RHSA-2018:0268\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3114\", \"name\": \"RHSA-2017:3114\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://www.exploit-db.com/exploits/43008/\", \"name\": \"43008\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"http://www.securitytracker.com/id/1039552\", \"name\": \"1039552\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.securityfocus.com/bid/100954\", \"name\": \"100954\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0275\", \"name\": \"RHSA-2018:0275\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0466\", \"name\": \"RHSA-2018:0466\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb%40%3Cannounce.tomcat.apache.org%3E\", \"name\": \"[announce] 20171003 [SECURITY] CVE-2017-12617 Apache Tomcat Remote Code Execution via JSP upload\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20171018-0002/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180117-0002/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3081\", \"name\": \"RHSA-2017:3081\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190319 svn commit: r1855831 [24/30] - in /tomcat/site/trunk: ./ docs/ xdocs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190325 svn commit: r1856174 [23/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://support.f5.com/csp/article/K53173544\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190413 svn commit: r1857496 [3/4] - in /tomcat/site/trunk: ./ docs/ xdocs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190415 svn commit: r1857582 [18/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200203 svn commit: r1873527 [24/30] - /tomcat/site/trunk/docs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200203 svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200213 svn commit: r1873980 [28/34] - /tomcat/site/trunk/docs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200213 svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Remote Code Execution\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2020-02-13T16:09:13.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"9.0.0.M1 to 9.0.0\"}, {\"version_value\": \"8.5.0 to 8.5.22\"}, {\"version_value\": \"8.0.0.RC1 to 8.0.46\"}, {\"version_value\": \"7.0.0 to 7.0.81\"}]}, \"product_name\": \"Apache Tomcat\"}]}, \"vendor_name\": \"Apache Software Foundation\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2017:3113\", \"name\": \"RHSA-2017:3113\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3080\", \"name\": \"RHSA-2017:3080\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us\", \"name\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0269\", \"name\": \"RHSA-2018:0269\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://www.exploit-db.com/exploits/42966/\", \"name\": \"42966\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03812en_us\", \"name\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03812en_us\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0270\", \"name\": \"RHSA-2018:0270\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0271\", \"name\": \"RHSA-2018:0271\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2017/11/msg00009.html\", \"name\": \"[debian-lts-announce] 20171107 [SECURITY] [DLA 1166-1] tomcat7 security update\", \"refsource\": \"MLIST\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2939\", \"name\": \"RHSA-2018:2939\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0465\", \"name\": \"RHSA-2018:0465\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://usn.ubuntu.com/3665-1/\", \"name\": \"USN-3665-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0268\", \"name\": \"RHSA-2018:0268\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3114\", \"name\": \"RHSA-2017:3114\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://www.exploit-db.com/exploits/43008/\", \"name\": \"43008\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"http://www.securitytracker.com/id/1039552\", \"name\": \"1039552\", \"refsource\": \"SECTRACK\"}, {\"url\": \"http://www.securityfocus.com/bid/100954\", \"name\": \"100954\", \"refsource\": \"BID\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0275\", \"name\": \"RHSA-2018:0275\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0466\", \"name\": \"RHSA-2018:0466\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb@%3Cannounce.tomcat.apache.org%3E\", \"name\": \"[announce] 20171003 [SECURITY] CVE-2017-12617 Apache Tomcat Remote Code Execution via JSP upload\", \"refsource\": \"MLIST\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20171018-0002/\", \"name\": \"https://security.netapp.com/advisory/ntap-20171018-0002/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180117-0002/\", \"name\": \"https://security.netapp.com/advisory/ntap-20180117-0002/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3081\", \"name\": \"RHSA-2017:3081\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190319 svn commit: r1855831 [24/30] - in /tomcat/site/trunk: ./ docs/ xdocs/\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190325 svn commit: r1856174 [23/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/\", \"refsource\": \"MLIST\"}, {\"url\": \"https://support.f5.com/csp/article/K53173544\", \"name\": \"https://support.f5.com/csp/article/K53173544\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190413 svn commit: r1857496 [3/4] - in /tomcat/site/trunk: ./ docs/ xdocs/\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190415 svn commit: r1857582 [18/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/\", \"refsource\": \"MLIST\"}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"name\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200203 svn commit: r1873527 [24/30] - /tomcat/site/trunk/docs/\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200203 svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200213 svn commit: r1873980 [28/34] - /tomcat/site/trunk/docs/\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200213 svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/\", \"refsource\": \"MLIST\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Remote Code Execution\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2017-12617\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"security@apache.org\", \"DATE_PUBLIC\": \"2017-10-03T00:00:00\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2017-12617\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-04T18:46:52.662Z\", \"dateReserved\": \"2017-08-07T00:00:00.000Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2017-10-03T15:00:00.000Z\", \"assignerShortName\": \"apache\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
rhsa-2018:0271
Vulnerability from csaf_redhat
Published
2018-02-05 14:08
Modified
2025-01-26 20:08
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)
* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)
The CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)\n\nThe CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0271",
"url": "https://access.redhat.com/errata/RHSA-2018:0271"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "1519259",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519259"
},
{
"category": "external",
"summary": "1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "external",
"summary": "1533997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533997"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0271.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update",
"tracking": {
"current_release_date": "2025-01-26T20:08:34+00:00",
"generator": {
"date": "2025-01-26T20:08:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2018:0271",
"initial_release_date": "2018-02-05T14:08:06+00:00",
"revision_history": [
{
"date": "2018-02-05T14:08:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-02-05T14:08:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-26T20:08:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ejb-client@1.0.40-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-cxf@4.3.7-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.27-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"product": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"product_id": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-25.SP23_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src",
"product": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src",
"product_id": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-20.SP18_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.12-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"product": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"product_id": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-22.SP18_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ejb-client@1.0.40-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-core@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-cxf@4.3.7-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"product_id": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-25.SP23_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-spi-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-deployers-common-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-jdbc-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-spec-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-impl-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-validator-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-impl-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"product_id": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-20.SP18_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.12-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"product_id": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-22.SP18_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src"
},
"product_reference": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src"
},
"product_reference": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
},
"product_reference": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-12174",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1498378"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12174"
},
{
"category": "external",
"summary": "RHBZ#1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12174",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:08:06+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0271"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:08:06+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0271"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2018-1041",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2018-01-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1530457"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: High CPU Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1041"
},
{
"category": "external",
"summary": "RHBZ#1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:08:06+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0271"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: High CPU Denial of Service"
}
]
}
rhsa-2018_0466
Vulnerability from csaf_redhat
Published
2018-03-07 15:21
Modified
2024-11-25 12:09
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 2 security update
Notes
Topic
An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.
This release of Red Hat JBoss Web Server 3.1 Service Pack 2 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* apr: Out-of-bounds array deref in apr_time_exp*() functions (CVE-2017-12613)
* tomcat: Remote Code Execution via JSP Upload (CVE-2017-12615)
* tomcat: Information Disclosure when using VirtualDirContext (CVE-2017-12616)
* tomcat: Remote Code Execution bypass for CVE-2017-12615 (CVE-2017-12617)
* tomcat-native: Mishandling of client certificates can allow for OCSP check bypass (CVE-2017-15698)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* tomcat: Late application of security constraints can lead to resource exposure for unauthorised users (CVE-2018-1305)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 2 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* apr: Out-of-bounds array deref in apr_time_exp*() functions (CVE-2017-12613)\n\n* tomcat: Remote Code Execution via JSP Upload (CVE-2017-12615)\n\n* tomcat: Information Disclosure when using VirtualDirContext (CVE-2017-12616)\n\n* tomcat: Remote Code Execution bypass for CVE-2017-12615 (CVE-2017-12617)\n\n* tomcat-native: Mishandling of client certificates can allow for OCSP check bypass (CVE-2017-15698)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* tomcat: Late application of security constraints can lead to resource exposure for unauthorised users (CVE-2018-1305)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0466",
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/"
},
{
"category": "external",
"summary": "1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "1493222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493222"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "1540824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540824"
},
{
"category": "external",
"summary": "1548282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548282"
},
{
"category": "external",
"summary": "1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0466.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 2 security update",
"tracking": {
"current_release_date": "2024-11-25T12:09:11+00:00",
"generator": {
"date": "2024-11-25T12:09:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2018:0466",
"initial_release_date": "2018-03-07T15:21:52+00:00",
"revision_history": [
{
"date": "2018-03-07T15:21:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-03-07T15:21:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-25T12:09:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 3.1 for RHEL 6",
"product": {
"name": "Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 3.1 for RHEL 7",
"product": {
"name": "Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product_id": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-11.redhat_11.ep7.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product_id": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native@1.2.8-11.redhat_11.ep7.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product_id": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-11.redhat_11.ep7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product_id": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native@1.2.8-11.redhat_11.ep7.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product_id": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-11.redhat_11.ep7.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product_id": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native@1.2.8-11.redhat_11.ep7.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"product": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"product_id": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native@1.2.8-11.redhat_11.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"product": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"product_id": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster@1.3.8-2.Final_redhat_2.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"product_id": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault@1.1.6-1.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.70-25.ep7.el6.src",
"product": {
"name": "tomcat7-0:7.0.70-25.ep7.el6.src",
"product_id": "tomcat7-0:7.0.70-25.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.70-25.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat8-0:8.0.36-29.ep7.el6.src",
"product": {
"name": "tomcat8-0:8.0.36-29.ep7.el6.src",
"product_id": "tomcat8-0:8.0.36-29.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8@8.0.36-29.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"product": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"product_id": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native@1.2.8-11.redhat_11.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"product": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"product_id": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster@1.3.8-2.Final_redhat_2.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"product_id": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault@1.1.6-1.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat8-0:8.0.36-29.ep7.el7.src",
"product": {
"name": "tomcat8-0:8.0.36-29.ep7.el7.src",
"product_id": "tomcat8-0:8.0.36-29.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8@8.0.36-29.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.70-25.ep7.el7.src",
"product": {
"name": "tomcat7-0:7.0.70-25.ep7.el7.src",
"product_id": "tomcat7-0:7.0.70-25.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.70-25.ep7.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product": {
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_id": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-tomcat8@1.3.8-2.Final_redhat_2.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_id": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster@1.3.8-2.Final_redhat_2.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product": {
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_id": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-tomcat7@1.3.8-2.Final_redhat_2.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault-tomcat7@1.1.6-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault@1.1.6-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault-tomcat8@1.1.6-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsvc@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-selinux@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-webapps@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-docs-webapp@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-log4j@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-jsp-2.3-api@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-jsvc@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-servlet-3.1-api@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-javadoc@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-lib@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-selinux@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-el-2.2-api@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-admin-webapps@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_id": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster@1.3.8-2.Final_redhat_2.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product": {
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_id": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-tomcat7@1.3.8-2.Final_redhat_2.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product": {
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_id": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-tomcat8@1.3.8-2.Final_redhat_2.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault-tomcat7@1.1.6-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault-tomcat8@1.1.6-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault@1.1.6-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-webapps@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-log4j@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-docs-webapp@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-jsp-2.3-api@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-javadoc@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-selinux@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-jsvc@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-lib@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-el-2.2-api@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-admin-webapps@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-servlet-3.1-api@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsvc@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-selinux@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.70-25.ep7.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch"
},
"product_reference": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src"
},
"product_reference": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch"
},
"product_reference": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch"
},
"product_reference": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686"
},
"product_reference": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src"
},
"product_reference": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64"
},
"product_reference": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686"
},
"product_reference": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64"
},
"product_reference": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.70-25.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src"
},
"product_reference": "tomcat7-0:7.0.70-25.ep7.el6.src",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-0:8.0.36-29.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src"
},
"product_reference": "tomcat8-0:8.0.36-29.ep7.el6.src",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-lib-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch"
},
"product_reference": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src"
},
"product_reference": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch"
},
"product_reference": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch"
},
"product_reference": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src"
},
"product_reference": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64"
},
"product_reference": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64"
},
"product_reference": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.70-25.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src"
},
"product_reference": "tomcat7-0:7.0.70-25.ep7.el7.src",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-0:8.0.36-29.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src"
},
"product_reference": "tomcat8-0:8.0.36-29.ep7.el7.src",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-lib-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-12613",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-10-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506523"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apr: Out-of-bounds array deref in apr_time_exp*() functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12613"
},
{
"category": "external",
"summary": "RHBZ#1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/apr/Announcement1.x.html",
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
}
],
"release_date": "2017-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apr: Out-of-bounds array deref in apr_time_exp*() functions"
},
{
"cve": "CVE-2017-12615",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493220"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution via JSP Upload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12615"
},
{
"category": "external",
"summary": "RHBZ#1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution via JSP Upload"
},
{
"cve": "CVE-2017-12616",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493222"
}
],
"notes": [
{
"category": "description",
"text": "When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Information Disclosure when using VirtualDirContext",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "VirtualDirContext is not designed to be used in production, but only to ease development with IDEs without needing to fully republish jars in WEB-INF/lib.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12616"
},
{
"category": "external",
"summary": "RHBZ#1493222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493222"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12616"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12616",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12616"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Information Disclosure when using VirtualDirContext"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2017-15698",
"cwe": {
"id": "CWE-299",
"name": "Improper Check for Certificate Revocation"
},
"discovery_date": "2018-02-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1540824"
}
],
"notes": [
{
"category": "description",
"text": "When parsing the AIA-Extension field of a client certificate, Apache Tomcat Native Connector 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34 did not correctly handle fields longer than 127 bytes. The result of the parsing error was to skip the OCSP check. It was therefore possible for client certificates that should have been rejected (if the OCSP check had been made) to be accepted. Users not using OCSP checks are not affected by this vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat-native: Mishandling of client certificates can allow for OCSP check bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15698"
},
{
"category": "external",
"summary": "RHBZ#1540824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15698",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15698"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat-native: Mishandling of client certificates can allow for OCSP check bypass"
},
{
"cve": "CVE-2018-1304",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548289"
}
],
"notes": [
{
"category": "description",
"text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1304"
},
{
"category": "external",
"summary": "RHBZ#1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources"
},
{
"cve": "CVE-2018-1305",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548282"
}
],
"notes": [
{
"category": "description",
"text": "Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Late application of security constraints can lead to resource exposure for unauthorised users",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1305"
},
{
"category": "external",
"summary": "RHBZ#1548282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1305",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1305"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Late application of security constraints can lead to resource exposure for unauthorised users"
}
]
}
rhsa-2018_0271
Vulnerability from csaf_redhat
Published
2018-02-05 14:08
Modified
2024-12-22 18:33
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)
* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)
The CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)\n\nThe CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0271",
"url": "https://access.redhat.com/errata/RHSA-2018:0271"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "1519259",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519259"
},
{
"category": "external",
"summary": "1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "external",
"summary": "1533997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533997"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0271.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update",
"tracking": {
"current_release_date": "2024-12-22T18:33:10+00:00",
"generator": {
"date": "2024-12-22T18:33:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.4"
}
},
"id": "RHSA-2018:0271",
"initial_release_date": "2018-02-05T14:08:06+00:00",
"revision_history": [
{
"date": "2018-02-05T14:08:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-02-05T14:08:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-22T18:33:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ejb-client@1.0.40-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-cxf@4.3.7-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.27-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"product": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"product_id": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-25.SP23_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src",
"product": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src",
"product_id": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-20.SP18_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.12-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"product": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"product_id": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-22.SP18_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ejb-client@1.0.40-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-core@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-cxf@4.3.7-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"product_id": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-25.SP23_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-spi-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-deployers-common-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-jdbc-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-spec-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-impl-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-validator-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-impl-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"product_id": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-20.SP18_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.12-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"product_id": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-22.SP18_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src"
},
"product_reference": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src"
},
"product_reference": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
},
"product_reference": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-12174",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1498378"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12174"
},
{
"category": "external",
"summary": "RHBZ#1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12174",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:08:06+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0271"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:08:06+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0271"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2018-1041",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2018-01-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1530457"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: High CPU Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1041"
},
{
"category": "external",
"summary": "RHBZ#1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:08:06+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0271"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: High CPU Denial of Service"
}
]
}
rhsa-2017_3080
Vulnerability from csaf_redhat
Published
2017-10-30 00:15
Modified
2024-12-29 18:20
Summary
Red Hat Security Advisory: tomcat6 security update
Notes
Topic
An update for tomcat6 is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* A vulnerability was discovered in Tomcat's handling of pipelined requests when "Sendfile" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)
* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)
* Two vulnerabilities were discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615, CVE-2017-12617)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for tomcat6 is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* Two vulnerabilities were discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615, CVE-2017-12617)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3080",
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1441205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
},
{
"category": "external",
"summary": "1459158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
},
{
"category": "external",
"summary": "1461851",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461851"
},
{
"category": "external",
"summary": "1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3080.json"
}
],
"title": "Red Hat Security Advisory: tomcat6 security update",
"tracking": {
"current_release_date": "2024-12-29T18:20:19+00:00",
"generator": {
"date": "2024-12-29T18:20:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.4"
}
},
"id": "RHSA-2017:3080",
"initial_release_date": "2017-10-30T00:15:02+00:00",
"revision_history": [
{
"date": "2017-10-30T00:15:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-10-30T00:15:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-29T18:20:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-111.el6_9?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-111.el6_9.src",
"product": {
"name": "tomcat6-0:6.0.24-111.el6_9.src",
"product_id": "tomcat6-0:6.0.24-111.el6_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-111.el6_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-5647",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2017-04-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1441205"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of pipelined requests when send file was used",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5647"
},
{
"category": "external",
"summary": "RHBZ#1441205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
}
],
"release_date": "2017-04-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:15:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"category": "workaround",
"details": "The AJP connector does not support the sendfile capability. A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration. Note: Disabling sendfile, may impact performance on large files.",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Incorrect handling of pipelined requests when send file was used"
},
{
"cve": "CVE-2017-5664",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2017-06-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1459158"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Security constrained bypass in error page mechanism",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file. The default for readonly is true.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5664"
},
{
"category": "external",
"summary": "RHBZ#1459158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
}
],
"release_date": "2017-06-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:15:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"category": "workaround",
"details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Security constrained bypass in error page mechanism"
},
{
"cve": "CVE-2017-12615",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493220"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution via JSP Upload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12615"
},
{
"category": "external",
"summary": "RHBZ#1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:15:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution via JSP Upload"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:15:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
}
]
}
rhsa-2018_0268
Vulnerability from csaf_redhat
Published
2018-02-05 14:05
Modified
2024-12-22 18:33
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)
* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)
The CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)\n\nThe CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0268",
"url": "https://access.redhat.com/errata/RHSA-2018:0268"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "1519260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519260"
},
{
"category": "external",
"summary": "1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0268.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update",
"tracking": {
"current_release_date": "2024-12-22T18:33:23+00:00",
"generator": {
"date": "2024-12-22T18:33:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.4"
}
},
"id": "RHSA-2018:0268",
"initial_release_date": "2018-02-05T14:05:56+00:00",
"revision_history": [
{
"date": "2018-02-05T14:05:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-02-05T14:05:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-22T18:33:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ejb-client@1.0.40-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-cxf@4.3.7-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.27-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"product": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"product_id": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-25.SP23_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src",
"product": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src",
"product_id": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-20.SP18_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.12-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"product": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"product_id": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-22.SP18_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ejb-client@1.0.40-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-core@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-cxf@4.3.7-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"product_id": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-25.SP23_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"product_id": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-20.SP18_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-spi-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-deployers-common-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-spec-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-jdbc-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-impl-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-validator-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-impl-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.12-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"product_id": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-22.SP18_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src"
},
"product_reference": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src"
},
"product_reference": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
},
"product_reference": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-12174",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1498378"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12174"
},
{
"category": "external",
"summary": "RHBZ#1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12174",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:05:56+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0268"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:05:56+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0268"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2018-1041",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2018-01-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1530457"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: High CPU Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1041"
},
{
"category": "external",
"summary": "RHBZ#1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:05:56+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0268"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: High CPU Denial of Service"
}
]
}
RHSA-2017:3081
Vulnerability from csaf_redhat
Published
2017-10-30 00:26
Modified
2025-01-19 19:40
Summary
Red Hat Security Advisory: tomcat security update
Notes
Topic
An update for tomcat is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* A vulnerability was discovered in Tomcat's handling of pipelined requests when "Sendfile" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)
* Two vulnerabilities were discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615, CVE-2017-12617)
* A vulnerability was discovered in Tomcat where the CORS Filter did not send a "Vary: Origin" HTTP header. This potentially allowed sensitive data to be leaked to other visitors through both client-side and server-side caches. (CVE-2017-7674)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* Two vulnerabilities were discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615, CVE-2017-12617)\n\n* A vulnerability was discovered in Tomcat where the CORS Filter did not send a \"Vary: Origin\" HTTP header. This potentially allowed sensitive data to be leaked to other visitors through both client-side and server-side caches. (CVE-2017-7674)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3081",
"url": "https://access.redhat.com/errata/RHSA-2017:3081"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1441205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
},
{
"category": "external",
"summary": "1480618",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480618"
},
{
"category": "external",
"summary": "1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3081.json"
}
],
"title": "Red Hat Security Advisory: tomcat security update",
"tracking": {
"current_release_date": "2025-01-19T19:40:16+00:00",
"generator": {
"date": "2025-01-19T19:40:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2017:3081",
"initial_release_date": "2017-10-30T00:26:54+00:00",
"revision_history": [
{
"date": "2017-10-30T00:26:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-10-30T00:26:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:40:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-0:7.0.76-3.el7_4.src",
"product": {
"name": "tomcat-0:7.0.76-3.el7_4.src",
"product_id": "tomcat-0:7.0.76-3.el7_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat@7.0.76-3.el7_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-jsp-2.2-api@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-admin-webapps@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-lib@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-servlet-3.0-api@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-el-2.2-api@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-webapps@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-docs-webapp@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-javadoc@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-jsvc@7.0.76-3.el7_4?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.src",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.src",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.src",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.src",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.src",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.src",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.src",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.src",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-5647",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2017-04-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1441205"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of pipelined requests when send file was used",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5647"
},
{
"category": "external",
"summary": "RHBZ#1441205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
}
],
"release_date": "2017-04-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:26:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3081"
},
{
"category": "workaround",
"details": "The AJP connector does not support the sendfile capability. A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration. Note: Disabling sendfile, may impact performance on large files.",
"product_ids": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Incorrect handling of pipelined requests when send file was used"
},
{
"cve": "CVE-2017-7674",
"discovery_date": "2017-08-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1480618"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where the CORS Filter did not send a \"Vary: Origin\" HTTP header. This potentially allowed sensitive data to be leaked to other visitors through both client-side and server-side caches.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Vary header not added by CORS filter leading to cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7674"
},
{
"category": "external",
"summary": "RHBZ#1480618",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480618"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7674"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
}
],
"release_date": "2017-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:26:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3081"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Vary header not added by CORS filter leading to cache poisoning"
},
{
"cve": "CVE-2017-12615",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493220"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution via JSP Upload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12615"
},
{
"category": "external",
"summary": "RHBZ#1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:26:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3081"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution via JSP Upload"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:26:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3081"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
}
]
}
rhsa-2017:3114
Vulnerability from csaf_redhat
Published
2017-11-02 19:04
Modified
2025-01-19 19:40
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server security and bug fix update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Web Server 2.1.2.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
This release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2. The updates are documented in the Release Notes document linked to in the References.
This release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves as a update for Red Hat JBoss Web Server 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Users of Red Hat JBoss Web Server 2 should upgrade to these updated packages, which resolve several security issues
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)
* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno Böck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Gaëtan Leurent (Inria) as the original reporters of CVE-2016-2183.
Bug Fix(es):
* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. (BZ#1338640)
* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1448709)
* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1493075)
* The jboss-ews-application-servers zip README contains incomplete description of fixed CVEs (BZ#1497953)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Web Server 2.1.2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2. The updates are documented in the Release Notes document linked to in the References.\n\nThis release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves as a update for Red Hat JBoss Web Server 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2 should upgrade to these updated packages, which resolve several security issues\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno B\u00f6ck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters of CVE-2016-2183.\n\nBug Fix(es):\n\n* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. (BZ#1338640)\n\n* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1448709)\n\n* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1493075)\n\n* The jboss-ews-application-servers zip README contains incomplete description of fixed CVEs (BZ#1497953)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3114",
"url": "https://access.redhat.com/errata/RHSA-2017:3114"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.2"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/3227901",
"url": "https://access.redhat.com/articles/3227901"
},
{
"category": "external",
"summary": "1369383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "1493075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493075"
},
{
"category": "external",
"summary": "1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1497953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1497953"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3114.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Server security and bug fix update",
"tracking": {
"current_release_date": "2025-01-19T19:40:27+00:00",
"generator": {
"date": "2025-01-19T19:40:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2017:3114",
"initial_release_date": "2017-11-02T19:04:48+00:00",
"revision_history": [
{
"date": "2017-11-02T19:04:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-11-02T19:04:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:40:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 2.1",
"product": {
"name": "Red Hat JBoss Web Server 2.1",
"product_id": "Red Hat JBoss Web Server 2.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"OpenVPN"
]
},
{
"names": [
"Karthikeyan Bhargavan",
"Ga\u00ebtan Leurent"
],
"organization": "Inria",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-2183",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2016-08-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1369383"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2183"
},
{
"category": "external",
"summary": "RHBZ#1369383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/2548661",
"url": "https://access.redhat.com/articles/2548661"
},
{
"category": "external",
"summary": "https://access.redhat.com/errata/RHSA-2016:1940",
"url": "https://access.redhat.com/errata/RHSA-2016:1940"
},
{
"category": "external",
"summary": "https://sweet32.info/",
"url": "https://sweet32.info/"
}
],
"release_date": "2016-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:04:48+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3114"
},
{
"category": "workaround",
"details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:04:48+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3114"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:04:48+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3114"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
},
{
"cve": "CVE-2017-12615",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493220"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution via JSP Upload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12615"
},
{
"category": "external",
"summary": "RHBZ#1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:04:48+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3114"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution via JSP Upload"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:04:48+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3114"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
}
]
}
RHSA-2017:3114
Vulnerability from csaf_redhat
Published
2017-11-02 19:04
Modified
2025-01-19 19:40
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server security and bug fix update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Web Server 2.1.2.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
This release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2. The updates are documented in the Release Notes document linked to in the References.
This release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves as a update for Red Hat JBoss Web Server 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Users of Red Hat JBoss Web Server 2 should upgrade to these updated packages, which resolve several security issues
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)
* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno Böck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Gaëtan Leurent (Inria) as the original reporters of CVE-2016-2183.
Bug Fix(es):
* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. (BZ#1338640)
* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1448709)
* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1493075)
* The jboss-ews-application-servers zip README contains incomplete description of fixed CVEs (BZ#1497953)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Web Server 2.1.2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2. The updates are documented in the Release Notes document linked to in the References.\n\nThis release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves as a update for Red Hat JBoss Web Server 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2 should upgrade to these updated packages, which resolve several security issues\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno B\u00f6ck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters of CVE-2016-2183.\n\nBug Fix(es):\n\n* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. (BZ#1338640)\n\n* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1448709)\n\n* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1493075)\n\n* The jboss-ews-application-servers zip README contains incomplete description of fixed CVEs (BZ#1497953)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3114",
"url": "https://access.redhat.com/errata/RHSA-2017:3114"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.2"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/3227901",
"url": "https://access.redhat.com/articles/3227901"
},
{
"category": "external",
"summary": "1369383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "1493075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493075"
},
{
"category": "external",
"summary": "1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1497953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1497953"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3114.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Server security and bug fix update",
"tracking": {
"current_release_date": "2025-01-19T19:40:27+00:00",
"generator": {
"date": "2025-01-19T19:40:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2017:3114",
"initial_release_date": "2017-11-02T19:04:48+00:00",
"revision_history": [
{
"date": "2017-11-02T19:04:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-11-02T19:04:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:40:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 2.1",
"product": {
"name": "Red Hat JBoss Web Server 2.1",
"product_id": "Red Hat JBoss Web Server 2.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"OpenVPN"
]
},
{
"names": [
"Karthikeyan Bhargavan",
"Ga\u00ebtan Leurent"
],
"organization": "Inria",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-2183",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2016-08-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1369383"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2183"
},
{
"category": "external",
"summary": "RHBZ#1369383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/2548661",
"url": "https://access.redhat.com/articles/2548661"
},
{
"category": "external",
"summary": "https://access.redhat.com/errata/RHSA-2016:1940",
"url": "https://access.redhat.com/errata/RHSA-2016:1940"
},
{
"category": "external",
"summary": "https://sweet32.info/",
"url": "https://sweet32.info/"
}
],
"release_date": "2016-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:04:48+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3114"
},
{
"category": "workaround",
"details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:04:48+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3114"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:04:48+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3114"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
},
{
"cve": "CVE-2017-12615",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493220"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution via JSP Upload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12615"
},
{
"category": "external",
"summary": "RHBZ#1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:04:48+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3114"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution via JSP Upload"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:04:48+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3114"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
}
]
}
RHSA-2017:3113
Vulnerability from csaf_redhat
Published
2017-11-02 19:15
Modified
2025-01-19 19:40
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server security and bug fix update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 6 and Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
This release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.
This release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves as a update for Red Hat JBoss Web Server 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Users of Red Hat JBoss Web Server 2 should upgrade to these updated packages, which resolve several security issues.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)
* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno Böck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Gaëtan Leurent (Inria) as the original reporters of CVE-2016-2183.
Bug Fix(es):
* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. (BZ#1338640)
* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1448709)
* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1493075)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 6 and Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.\n\nThis release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves as a update for Red Hat JBoss Web Server 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2 should upgrade to these updated packages, which resolve several security issues.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno B\u00f6ck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters of CVE-2016-2183.\n\nBug Fix(es):\n\n* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. (BZ#1338640)\n\n* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1448709)\n\n* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1493075)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3113",
"url": "https://access.redhat.com/errata/RHSA-2017:3113"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/3227901",
"url": "https://access.redhat.com/articles/3227901"
},
{
"category": "external",
"summary": "1369383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "1493075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493075"
},
{
"category": "external",
"summary": "1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3113.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Server security and bug fix update",
"tracking": {
"current_release_date": "2025-01-19T19:40:21+00:00",
"generator": {
"date": "2025-01-19T19:40:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2017:3113",
"initial_release_date": "2017-11-02T19:15:44+00:00",
"revision_history": [
{
"date": "2017-11-02T19:15:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-11-02T19:15:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:40:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.26-57.ep6.el6.x86_64",
"product": {
"name": "httpd-0:2.2.26-57.ep6.el6.x86_64",
"product_id": "httpd-0:2.2.26-57.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.26-57.ep6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"product_id": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.26-57.ep6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"product": {
"name": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"product_id": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.2.26-57.ep6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"product": {
"name": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"product_id": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.26-57.ep6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"product": {
"name": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"product_id": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.26-57.ep6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"product": {
"name": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"product_id": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.26-57.ep6.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"product": {
"name": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"product_id": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.26-57.ep6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"product": {
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"product_id": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-native-debuginfo@1.2.13-9.Final_redhat_2.ep6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"product": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"product": {
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"product_id": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-native-debuginfo@1.2.13-9.Final_redhat_2.ep6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"product": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"product": {
"name": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"product_id": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl22@2.2.26-58.ep6.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"product": {
"name": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"product_id": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-manual@2.2.26-58.ep6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"product": {
"name": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"product_id": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap22@2.2.26-58.ep6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd22-0:2.2.26-58.ep6.el7.x86_64",
"product": {
"name": "httpd22-0:2.2.26-58.ep6.el7.x86_64",
"product_id": "httpd22-0:2.2.26-58.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22@2.2.26-58.ep6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"product": {
"name": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"product_id": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-debuginfo@2.2.26-58.ep6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"product": {
"name": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"product_id": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-tools@2.2.26-58.ep6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"product": {
"name": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"product_id": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-devel@2.2.26-58.ep6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.26-57.ep6.el6.i386",
"product": {
"name": "httpd-0:2.2.26-57.ep6.el6.i386",
"product_id": "httpd-0:2.2.26-57.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.26-57.ep6.el6?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"product": {
"name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"product_id": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.26-57.ep6.el6?arch=i386"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.2.26-57.ep6.el6.i386",
"product": {
"name": "mod_ldap-0:2.2.26-57.ep6.el6.i386",
"product_id": "mod_ldap-0:2.2.26-57.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.2.26-57.ep6.el6?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.26-57.ep6.el6.i386",
"product": {
"name": "httpd-tools-0:2.2.26-57.ep6.el6.i386",
"product_id": "httpd-tools-0:2.2.26-57.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.26-57.ep6.el6?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.26-57.ep6.el6.i386",
"product": {
"name": "httpd-devel-0:2.2.26-57.ep6.el6.i386",
"product_id": "httpd-devel-0:2.2.26-57.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.26-57.ep6.el6?arch=i386"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.26-57.ep6.el6.i386",
"product": {
"name": "mod_ssl-1:2.2.26-57.ep6.el6.i386",
"product_id": "mod_ssl-1:2.2.26-57.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.26-57.ep6.el6?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.2.26-57.ep6.el6.i386",
"product": {
"name": "httpd-manual-0:2.2.26-57.ep6.el6.i386",
"product_id": "httpd-manual-0:2.2.26-57.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.26-57.ep6.el6?arch=i386"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"product": {
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"product_id": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-native-debuginfo@1.2.13-9.Final_redhat_2.ep6.el6?arch=i386"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"product": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el6?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.26-57.ep6.el6.src",
"product": {
"name": "httpd-0:2.2.26-57.ep6.el6.src",
"product_id": "httpd-0:2.2.26-57.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.26-57.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"product": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el6?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"product": {
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"product_id": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-19_patch_04.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"product": {
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"product_id": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-28_patch_05.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"product": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "httpd22-0:2.2.26-58.ep6.el7.src",
"product": {
"name": "httpd22-0:2.2.26-58.ep6.el7.src",
"product_id": "httpd22-0:2.2.26-58.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22@2.2.26-58.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"product": {
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"product_id": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-19_patch_04.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"product": {
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"product_id": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-28_patch_05.ep6.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386"
},
"product_reference": "httpd-0:2.2.26-57.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.26-57.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src"
},
"product_reference": "httpd-0:2.2.26-57.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64"
},
"product_reference": "httpd-0:2.2.26-57.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386"
},
"product_reference": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386"
},
"product_reference": "httpd-devel-0:2.2.26-57.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64"
},
"product_reference": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386"
},
"product_reference": "httpd-manual-0:2.2.26-57.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64"
},
"product_reference": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386"
},
"product_reference": "httpd-tools-0:2.2.26-57.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64"
},
"product_reference": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386"
},
"product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src"
},
"product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64"
},
"product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386"
},
"product_reference": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64"
},
"product_reference": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386"
},
"product_reference": "mod_ldap-0:2.2.26-57.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64"
},
"product_reference": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386"
},
"product_reference": "mod_ssl-1:2.2.26-57.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64"
},
"product_reference": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src"
},
"product_reference": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src"
},
"product_reference": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-0:2.2.26-58.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src"
},
"product_reference": "httpd22-0:2.2.26-58.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64"
},
"product_reference": "httpd22-0:2.2.26-58.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64"
},
"product_reference": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64"
},
"product_reference": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64"
},
"product_reference": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64"
},
"product_reference": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src"
},
"product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64"
},
"product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64"
},
"product_reference": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64"
},
"product_reference": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64"
},
"product_reference": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src"
},
"product_reference": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src"
},
"product_reference": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"OpenVPN"
]
},
{
"names": [
"Karthikeyan Bhargavan",
"Ga\u00ebtan Leurent"
],
"organization": "Inria",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-2183",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2016-08-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1369383"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2183"
},
{
"category": "external",
"summary": "RHBZ#1369383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/2548661",
"url": "https://access.redhat.com/articles/2548661"
},
{
"category": "external",
"summary": "https://access.redhat.com/errata/RHSA-2016:1940",
"url": "https://access.redhat.com/errata/RHSA-2016:1940"
},
{
"category": "external",
"summary": "https://sweet32.info/",
"url": "https://sweet32.info/"
}
],
"release_date": "2016-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:15:44+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3113"
},
{
"category": "workaround",
"details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:15:44+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3113"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:15:44+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3113"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
},
{
"cve": "CVE-2017-12615",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493220"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution via JSP Upload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12615"
},
{
"category": "external",
"summary": "RHBZ#1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:15:44+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3113"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution via JSP Upload"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:15:44+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3113"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
}
]
}
RHSA-2018:0275
Vulnerability from csaf_redhat
Published
2018-02-05 14:24
Modified
2025-01-26 20:08
Summary
Red Hat Security Advisory: jboss-ec2-eap security, bug fix, and enhancement update
Notes
Topic
An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).
With this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.19.
Security Fix(es):
* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)
* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)
The CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.19.\n\nSecurity Fix(es):\n\n* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)\n\nThe CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0275",
"url": "https://access.redhat.com/errata/RHSA-2018:0275"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0275.json"
}
],
"title": "Red Hat Security Advisory: jboss-ec2-eap security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-01-26T20:08:57+00:00",
"generator": {
"date": "2025-01-26T20:08:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2018:0275",
"initial_release_date": "2018-02-05T14:24:53+00:00",
"revision_history": [
{
"date": "2018-02-05T14:24:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-02-05T14:24:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-26T20:08:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"product": {
"name": "jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"product_id": "jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ec2-eap-samples@7.5.19-2.Final_redhat_2.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"product": {
"name": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"product_id": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.19-2.Final_redhat_2.ep6.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"product": {
"name": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"product_id": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.19-2.Final_redhat_2.ep6.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
},
"product_reference": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src"
},
"product_reference": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
},
"product_reference": "jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-12174",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1498378"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12174"
},
{
"category": "external",
"summary": "RHBZ#1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12174",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:24:53+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0275"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:24:53+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0275"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2018-1041",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2018-01-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1530457"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: High CPU Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1041"
},
{
"category": "external",
"summary": "RHBZ#1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:24:53+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0275"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: High CPU Denial of Service"
}
]
}
rhsa-2018:0270
Vulnerability from csaf_redhat
Published
2018-02-05 10:44
Modified
2025-03-19 14:37
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)
* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)
The CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)\n\nThe CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0270",
"url": "https://access.redhat.com/errata/RHSA-2018:0270"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "1519258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519258"
},
{
"category": "external",
"summary": "1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "external",
"summary": "1533996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533996"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0270.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update",
"tracking": {
"current_release_date": "2025-03-19T14:37:13+00:00",
"generator": {
"date": "2025-03-19T14:37:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.4.1"
}
},
"id": "RHSA-2018:0270",
"initial_release_date": "2018-02-05T10:44:31+00:00",
"revision_history": [
{
"date": "2018-02-05T10:44:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-02-05T10:44:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-03-19T14:37:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ejb-client@1.0.40-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.23-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-cxf@4.3.7-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.27-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"product": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"product_id": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-25.SP23_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.12-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src",
"product": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src",
"product_id": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-20.SP18_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"product": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"product_id": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-22.SP18_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ejb-client@1.0.40-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.23-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.23-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.23-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.23-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-core@5.2.23-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-cxf@4.3.7-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.27-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"product_id": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-25.SP23_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.12-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-spi-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-deployers-common-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-spec-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-jdbc-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-impl-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-validator-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-impl-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"product_id": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-20.SP18_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"product_id": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-22.SP18_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src"
},
"product_reference": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src"
},
"product_reference": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
},
"product_reference": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-12174",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1498378"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12174"
},
{
"category": "external",
"summary": "RHBZ#1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12174",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T10:44:31+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0270"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T10:44:31+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0270"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2018-1041",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2018-01-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1530457"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: High CPU Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1041"
},
{
"category": "external",
"summary": "RHBZ#1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T10:44:31+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0270"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: High CPU Denial of Service"
}
]
}
RHSA-2018:0466
Vulnerability from csaf_redhat
Published
2018-03-07 15:21
Modified
2025-01-19 19:40
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 2 security update
Notes
Topic
An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.
This release of Red Hat JBoss Web Server 3.1 Service Pack 2 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* apr: Out-of-bounds array deref in apr_time_exp*() functions (CVE-2017-12613)
* tomcat: Remote Code Execution via JSP Upload (CVE-2017-12615)
* tomcat: Information Disclosure when using VirtualDirContext (CVE-2017-12616)
* tomcat: Remote Code Execution bypass for CVE-2017-12615 (CVE-2017-12617)
* tomcat-native: Mishandling of client certificates can allow for OCSP check bypass (CVE-2017-15698)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* tomcat: Late application of security constraints can lead to resource exposure for unauthorised users (CVE-2018-1305)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 2 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* apr: Out-of-bounds array deref in apr_time_exp*() functions (CVE-2017-12613)\n\n* tomcat: Remote Code Execution via JSP Upload (CVE-2017-12615)\n\n* tomcat: Information Disclosure when using VirtualDirContext (CVE-2017-12616)\n\n* tomcat: Remote Code Execution bypass for CVE-2017-12615 (CVE-2017-12617)\n\n* tomcat-native: Mishandling of client certificates can allow for OCSP check bypass (CVE-2017-15698)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* tomcat: Late application of security constraints can lead to resource exposure for unauthorised users (CVE-2018-1305)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0466",
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/"
},
{
"category": "external",
"summary": "1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "1493222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493222"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "1540824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540824"
},
{
"category": "external",
"summary": "1548282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548282"
},
{
"category": "external",
"summary": "1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0466.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 2 security update",
"tracking": {
"current_release_date": "2025-01-19T19:40:32+00:00",
"generator": {
"date": "2025-01-19T19:40:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2018:0466",
"initial_release_date": "2018-03-07T15:21:52+00:00",
"revision_history": [
{
"date": "2018-03-07T15:21:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-03-07T15:21:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:40:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 3.1 for RHEL 6",
"product": {
"name": "Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 3.1 for RHEL 7",
"product": {
"name": "Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product_id": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-11.redhat_11.ep7.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product_id": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native@1.2.8-11.redhat_11.ep7.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product_id": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-11.redhat_11.ep7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product_id": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native@1.2.8-11.redhat_11.ep7.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product_id": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-11.redhat_11.ep7.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product_id": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native@1.2.8-11.redhat_11.ep7.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"product": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"product_id": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native@1.2.8-11.redhat_11.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"product": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"product_id": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster@1.3.8-2.Final_redhat_2.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"product_id": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault@1.1.6-1.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.70-25.ep7.el6.src",
"product": {
"name": "tomcat7-0:7.0.70-25.ep7.el6.src",
"product_id": "tomcat7-0:7.0.70-25.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.70-25.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat8-0:8.0.36-29.ep7.el6.src",
"product": {
"name": "tomcat8-0:8.0.36-29.ep7.el6.src",
"product_id": "tomcat8-0:8.0.36-29.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8@8.0.36-29.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"product": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"product_id": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native@1.2.8-11.redhat_11.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"product": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"product_id": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster@1.3.8-2.Final_redhat_2.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"product_id": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault@1.1.6-1.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat8-0:8.0.36-29.ep7.el7.src",
"product": {
"name": "tomcat8-0:8.0.36-29.ep7.el7.src",
"product_id": "tomcat8-0:8.0.36-29.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8@8.0.36-29.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.70-25.ep7.el7.src",
"product": {
"name": "tomcat7-0:7.0.70-25.ep7.el7.src",
"product_id": "tomcat7-0:7.0.70-25.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.70-25.ep7.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product": {
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_id": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-tomcat8@1.3.8-2.Final_redhat_2.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_id": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster@1.3.8-2.Final_redhat_2.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product": {
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_id": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-tomcat7@1.3.8-2.Final_redhat_2.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault-tomcat7@1.1.6-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault@1.1.6-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault-tomcat8@1.1.6-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsvc@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-selinux@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-webapps@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-docs-webapp@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-log4j@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-jsp-2.3-api@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-jsvc@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-servlet-3.1-api@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-javadoc@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-lib@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-selinux@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-el-2.2-api@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-admin-webapps@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_id": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster@1.3.8-2.Final_redhat_2.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product": {
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_id": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-tomcat7@1.3.8-2.Final_redhat_2.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product": {
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_id": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-tomcat8@1.3.8-2.Final_redhat_2.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault-tomcat7@1.1.6-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault-tomcat8@1.1.6-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault@1.1.6-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-webapps@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-log4j@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-docs-webapp@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-jsp-2.3-api@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-javadoc@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-selinux@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-jsvc@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-lib@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-el-2.2-api@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-admin-webapps@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-servlet-3.1-api@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsvc@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-selinux@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.70-25.ep7.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch"
},
"product_reference": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src"
},
"product_reference": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch"
},
"product_reference": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch"
},
"product_reference": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686"
},
"product_reference": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src"
},
"product_reference": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64"
},
"product_reference": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686"
},
"product_reference": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64"
},
"product_reference": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.70-25.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src"
},
"product_reference": "tomcat7-0:7.0.70-25.ep7.el6.src",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-0:8.0.36-29.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src"
},
"product_reference": "tomcat8-0:8.0.36-29.ep7.el6.src",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-lib-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch"
},
"product_reference": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src"
},
"product_reference": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch"
},
"product_reference": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch"
},
"product_reference": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src"
},
"product_reference": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64"
},
"product_reference": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64"
},
"product_reference": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.70-25.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src"
},
"product_reference": "tomcat7-0:7.0.70-25.ep7.el7.src",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-0:8.0.36-29.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src"
},
"product_reference": "tomcat8-0:8.0.36-29.ep7.el7.src",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-lib-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-12613",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-10-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506523"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apr: Out-of-bounds array deref in apr_time_exp*() functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12613"
},
{
"category": "external",
"summary": "RHBZ#1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/apr/Announcement1.x.html",
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
}
],
"release_date": "2017-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apr: Out-of-bounds array deref in apr_time_exp*() functions"
},
{
"cve": "CVE-2017-12615",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493220"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution via JSP Upload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12615"
},
{
"category": "external",
"summary": "RHBZ#1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution via JSP Upload"
},
{
"cve": "CVE-2017-12616",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493222"
}
],
"notes": [
{
"category": "description",
"text": "When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Information Disclosure when using VirtualDirContext",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "VirtualDirContext is not designed to be used in production, but only to ease development with IDEs without needing to fully republish jars in WEB-INF/lib.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12616"
},
{
"category": "external",
"summary": "RHBZ#1493222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493222"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12616"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12616",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12616"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Information Disclosure when using VirtualDirContext"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2017-15698",
"cwe": {
"id": "CWE-299",
"name": "Improper Check for Certificate Revocation"
},
"discovery_date": "2018-02-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1540824"
}
],
"notes": [
{
"category": "description",
"text": "When parsing the AIA-Extension field of a client certificate, Apache Tomcat Native Connector 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34 did not correctly handle fields longer than 127 bytes. The result of the parsing error was to skip the OCSP check. It was therefore possible for client certificates that should have been rejected (if the OCSP check had been made) to be accepted. Users not using OCSP checks are not affected by this vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat-native: Mishandling of client certificates can allow for OCSP check bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15698"
},
{
"category": "external",
"summary": "RHBZ#1540824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15698",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15698"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat-native: Mishandling of client certificates can allow for OCSP check bypass"
},
{
"cve": "CVE-2018-1304",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548289"
}
],
"notes": [
{
"category": "description",
"text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1304"
},
{
"category": "external",
"summary": "RHBZ#1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources"
},
{
"cve": "CVE-2018-1305",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548282"
}
],
"notes": [
{
"category": "description",
"text": "Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Late application of security constraints can lead to resource exposure for unauthorised users",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1305"
},
{
"category": "external",
"summary": "RHBZ#1548282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1305",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1305"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Late application of security constraints can lead to resource exposure for unauthorised users"
}
]
}
rhsa-2018:2939
Vulnerability from csaf_redhat
Published
2018-10-17 19:28
Modified
2025-04-09 17:24
Summary
Red Hat Security Advisory: Red Hat FIS 2.0 on Fuse 6.3.0 R8 security and bug fix update
Notes
Topic
An update is now available for Red Hat Fuse Integration Services.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Fuse Integration Services provides a set of tools and containerized xPaaS images that enable development, deployment, and management of integration microservices within OpenShift.
Security fix(es):
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
* spring-framework: Address partial fix for CVE-2018-1270 (CVE-2018-1275)
* spring-framework: Directory traversal vulnerability with static resources on Windows filesystems (CVE-2018-1271)
* spring-framework: Possible RCE via spring messaging (CVE-2018-1270)
* spring-security-oauth: remote code execution in the authorization process (CVE-2018-1260)
* tomcat: A bug in the UTF-8 decoder can lead to DoS (CVE-2018-1336)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* tomcat: Late application of security constraints can lead to resource exposure for unauthorised users (CVE-2018-1305)
* tomcat: Remote Code Execution bypass for CVE-2017-12615 (CVE-2017-12617)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Fuse Integration Services.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Fuse Integration Services provides a set of tools and containerized xPaaS images that enable development, deployment, and management of integration microservices within OpenShift.\n\nSecurity fix(es):\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\n* spring-framework: Address partial fix for CVE-2018-1270 (CVE-2018-1275)\n\n* spring-framework: Directory traversal vulnerability with static resources on Windows filesystems (CVE-2018-1271)\n\n* spring-framework: Possible RCE via spring messaging (CVE-2018-1270)\n\n* spring-security-oauth: remote code execution in the authorization process (CVE-2018-1260)\n\n* tomcat: A bug in the UTF-8 decoder can lead to DoS (CVE-2018-1336)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* tomcat: Late application of security constraints can lead to resource exposure for unauthorised users (CVE-2018-1305)\n\n* tomcat: Remote Code Execution bypass for CVE-2017-12615 (CVE-2017-12617)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:2939",
"url": "https://access.redhat.com/errata/RHSA-2018:2939"
},
{
"category": "external",
"summary": "1565307",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1565307"
},
{
"category": "external",
"summary": "1571050",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571050"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1548282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548282"
},
{
"category": "external",
"summary": "1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "1584376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584376"
},
{
"category": "external",
"summary": "1564405",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1564405"
},
{
"category": "external",
"summary": "1607591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1607591"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2939.json"
}
],
"title": "Red Hat Security Advisory: Red Hat FIS 2.0 on Fuse 6.3.0 R8 security and bug fix update",
"tracking": {
"current_release_date": "2025-04-09T17:24:21+00:00",
"generator": {
"date": "2025-04-09T17:24:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.4.2"
}
},
"id": "RHSA-2018:2939",
"initial_release_date": "2018-10-17T19:28:22+00:00",
"revision_history": [
{
"date": "2018-10-17T19:28:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-10-17T19:28:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-04-09T17:24:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8",
"product": {
"name": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8",
"product_id": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_fuse:6.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Fuse"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-17T19:28:22+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
"product_ids": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2939"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2018-1260",
"cwe": {
"id": "CWE-267",
"name": "Privilege Defined With Unsafe Actions"
},
"discovery_date": "2018-05-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1584376"
}
],
"notes": [
{
"category": "description",
"text": "Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior to 2.2.2, 2.1 prior to 2.1.2, 2.0 prior to 2.0.15 and older unsupported versions contains a remote code execution vulnerability. A malicious user or attacker can craft an authorization request to the authorization endpoint that can lead to remote code execution when the resource owner is forwarded to the approval endpoint.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-security-oauth: remote code execution in the authorization process",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1260"
},
{
"category": "external",
"summary": "RHBZ#1584376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1260",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1260"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1260",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1260"
}
],
"release_date": "2018-05-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-17T19:28:22+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
"product_ids": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2939"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "spring-security-oauth: remote code execution in the authorization process"
},
{
"cve": "CVE-2018-1270",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1564405"
}
],
"notes": [
{
"category": "description",
"text": "Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-framework: Possible RCE via spring messaging",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No Red Hat products are directly affected by this flaw; the products that package some parts of the Spring Framework either do not ship the affected messaging component, or use an older version that is not affected. \n\nFuse 6.3 and Fuse Integration Services 2.0 are both not directly affected by the flaw, but both point to the affected versions in their respective Camel-Springboot Maven repository BOMs. Fixes for those repository links will be addressed in advisories via regular patch cycle; customers using Spring stomp messaging from these Maven repositories are advised to update to the new BOMs when available.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1270"
},
{
"category": "external",
"summary": "RHBZ#1564405",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1564405"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1270",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1270"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1270",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1270"
},
{
"category": "external",
"summary": "https://pivotal.io/security/cve-2018-1270",
"url": "https://pivotal.io/security/cve-2018-1270"
}
],
"release_date": "2018-04-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-17T19:28:22+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
"product_ids": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2939"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "spring-framework: Possible RCE via spring messaging"
},
{
"cve": "CVE-2018-1271",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2018-04-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1571050"
}
],
"notes": [
{
"category": "description",
"text": "Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a file system on Windows (as opposed to the classpath, or the ServletContext), a malicious user can send a request using a specially crafted URL that can lead a directory traversal attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-framework: Directory traversal vulnerability with static resources on Windows filesystems",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1271"
},
{
"category": "external",
"summary": "RHBZ#1571050",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571050"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1271"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1271",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1271"
},
{
"category": "external",
"summary": "https://pivotal.io/security/cve-2018-1271",
"url": "https://pivotal.io/security/cve-2018-1271"
}
],
"release_date": "2018-04-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-17T19:28:22+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
"product_ids": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2939"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "spring-framework: Directory traversal vulnerability with static resources on Windows filesystems"
},
{
"cve": "CVE-2018-1275",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1565307"
}
],
"notes": [
{
"category": "description",
"text": "Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. This CVE addresses the partial fix for CVE-2018-1270 in the 4.3.x branch of the Spring Framework.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-framework: Address partial fix for CVE-2018-1270",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1275"
},
{
"category": "external",
"summary": "RHBZ#1565307",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1565307"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1275",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1275"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1275",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1275"
}
],
"release_date": "2018-04-09T19:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-17T19:28:22+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
"product_ids": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2939"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "spring-framework: Address partial fix for CVE-2018-1270"
},
{
"cve": "CVE-2018-1304",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548289"
}
],
"notes": [
{
"category": "description",
"text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1304"
},
{
"category": "external",
"summary": "RHBZ#1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-17T19:28:22+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
"product_ids": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2939"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources"
},
{
"cve": "CVE-2018-1305",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548282"
}
],
"notes": [
{
"category": "description",
"text": "Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Late application of security constraints can lead to resource exposure for unauthorised users",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1305"
},
{
"category": "external",
"summary": "RHBZ#1548282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1305",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1305"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-17T19:28:22+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
"product_ids": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2939"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Late application of security constraints can lead to resource exposure for unauthorised users"
},
{
"cve": "CVE-2018-1336",
"discovery_date": "2018-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1607591"
}
],
"notes": [
{
"category": "description",
"text": "An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: A bug in the UTF-8 decoder can lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Fuse 6.3 and 7 standalone distributions ship but do not use tomcat, and as such are not affected by this flaw; however, Fuse Integration Services 2.0 and Fuse 7 on OpenShift provide the affected artifacts via their respective maven repositories, and will provide fixes for this issue in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1336"
},
{
"category": "external",
"summary": "RHBZ#1607591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1607591"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1336",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1336"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1336",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1336"
}
],
"release_date": "2018-07-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-17T19:28:22+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
"product_ids": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2939"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: A bug in the UTF-8 decoder can lead to DoS"
},
{
"cve": "CVE-2018-7489",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1549276"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7489"
},
{
"category": "external",
"summary": "RHBZ#1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2018-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-17T19:28:22+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
"product_ids": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2939"
},
{
"category": "workaround",
"details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries"
}
]
}
RHSA-2017:3080
Vulnerability from csaf_redhat
Published
2017-10-30 00:15
Modified
2025-01-19 19:40
Summary
Red Hat Security Advisory: tomcat6 security update
Notes
Topic
An update for tomcat6 is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* A vulnerability was discovered in Tomcat's handling of pipelined requests when "Sendfile" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)
* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)
* Two vulnerabilities were discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615, CVE-2017-12617)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for tomcat6 is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* Two vulnerabilities were discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615, CVE-2017-12617)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3080",
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1441205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
},
{
"category": "external",
"summary": "1459158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
},
{
"category": "external",
"summary": "1461851",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461851"
},
{
"category": "external",
"summary": "1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3080.json"
}
],
"title": "Red Hat Security Advisory: tomcat6 security update",
"tracking": {
"current_release_date": "2025-01-19T19:40:10+00:00",
"generator": {
"date": "2025-01-19T19:40:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2017:3080",
"initial_release_date": "2017-10-30T00:15:02+00:00",
"revision_history": [
{
"date": "2017-10-30T00:15:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-10-30T00:15:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:40:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-111.el6_9?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-111.el6_9.src",
"product": {
"name": "tomcat6-0:6.0.24-111.el6_9.src",
"product_id": "tomcat6-0:6.0.24-111.el6_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-111.el6_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-5647",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2017-04-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1441205"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of pipelined requests when send file was used",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5647"
},
{
"category": "external",
"summary": "RHBZ#1441205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
}
],
"release_date": "2017-04-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:15:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"category": "workaround",
"details": "The AJP connector does not support the sendfile capability. A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration. Note: Disabling sendfile, may impact performance on large files.",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Incorrect handling of pipelined requests when send file was used"
},
{
"cve": "CVE-2017-5664",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2017-06-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1459158"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Security constrained bypass in error page mechanism",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file. The default for readonly is true.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5664"
},
{
"category": "external",
"summary": "RHBZ#1459158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
}
],
"release_date": "2017-06-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:15:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"category": "workaround",
"details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Security constrained bypass in error page mechanism"
},
{
"cve": "CVE-2017-12615",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493220"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution via JSP Upload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12615"
},
{
"category": "external",
"summary": "RHBZ#1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:15:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution via JSP Upload"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:15:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
}
]
}
RHSA-2018:0270
Vulnerability from csaf_redhat
Published
2018-02-05 10:44
Modified
2025-03-19 14:37
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)
* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)
The CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)\n\nThe CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0270",
"url": "https://access.redhat.com/errata/RHSA-2018:0270"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "1519258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519258"
},
{
"category": "external",
"summary": "1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "external",
"summary": "1533996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533996"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0270.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update",
"tracking": {
"current_release_date": "2025-03-19T14:37:13+00:00",
"generator": {
"date": "2025-03-19T14:37:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.4.1"
}
},
"id": "RHSA-2018:0270",
"initial_release_date": "2018-02-05T10:44:31+00:00",
"revision_history": [
{
"date": "2018-02-05T10:44:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-02-05T10:44:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-03-19T14:37:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ejb-client@1.0.40-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.23-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-cxf@4.3.7-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.27-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"product": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"product_id": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-25.SP23_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.12-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src",
"product": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src",
"product_id": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-20.SP18_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"product": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"product_id": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-22.SP18_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ejb-client@1.0.40-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.23-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.23-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.23-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.23-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-core@5.2.23-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-cxf@4.3.7-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.27-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"product_id": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-25.SP23_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.12-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-spi-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-deployers-common-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-spec-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-jdbc-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-impl-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-validator-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-impl-eap6@1.0.41-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"product_id": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-20.SP18_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"product_id": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-22.SP18_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.19-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src"
},
"product_reference": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src"
},
"product_reference": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
},
"product_reference": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-12174",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1498378"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12174"
},
{
"category": "external",
"summary": "RHBZ#1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12174",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T10:44:31+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0270"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T10:44:31+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0270"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2018-1041",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2018-01-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1530457"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: High CPU Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1041"
},
{
"category": "external",
"summary": "RHBZ#1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T10:44:31+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0270"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: High CPU Denial of Service"
}
]
}
rhsa-2018:0269
Vulnerability from csaf_redhat
Published
2018-02-05 10:27
Modified
2025-03-19 14:42
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
[Updated 5th February 2018]
Previously, this erratum was marked as a security update for EAP 6.4.18. This was incorrect; the erratum is a security update for EAP 6.4.19.The erratum has been modified to reflect this.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)
* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)
The CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n[Updated 5th February 2018]\nPreviously, this erratum was marked as a security update for EAP 6.4.18. This was incorrect; the erratum is a security update for EAP 6.4.19.The erratum has been modified to reflect this.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)\n\nThe CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0269",
"url": "https://access.redhat.com/errata/RHSA-2018:0269"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/",
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0269.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update",
"tracking": {
"current_release_date": "2025-03-19T14:42:06+00:00",
"generator": {
"date": "2025-03-19T14:42:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.4.1"
}
},
"id": "RHSA-2018:0269",
"initial_release_date": "2018-02-05T10:27:01+00:00",
"revision_history": [
{
"date": "2018-02-05T10:27:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-02-05T17:11:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-03-19T14:42:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4",
"product_id": "Red Hat JBoss Enterprise Application Platform 6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-12174",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1498378"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12174"
},
{
"category": "external",
"summary": "RHBZ#1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12174",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T10:27:01+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0269"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T10:27:01+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0269"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2018-1041",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2018-01-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1530457"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: High CPU Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1041"
},
{
"category": "external",
"summary": "RHBZ#1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T10:27:01+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0269"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: High CPU Denial of Service"
}
]
}
rhsa-2017:3081
Vulnerability from csaf_redhat
Published
2017-10-30 00:26
Modified
2025-01-19 19:40
Summary
Red Hat Security Advisory: tomcat security update
Notes
Topic
An update for tomcat is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* A vulnerability was discovered in Tomcat's handling of pipelined requests when "Sendfile" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)
* Two vulnerabilities were discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615, CVE-2017-12617)
* A vulnerability was discovered in Tomcat where the CORS Filter did not send a "Vary: Origin" HTTP header. This potentially allowed sensitive data to be leaked to other visitors through both client-side and server-side caches. (CVE-2017-7674)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* Two vulnerabilities were discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615, CVE-2017-12617)\n\n* A vulnerability was discovered in Tomcat where the CORS Filter did not send a \"Vary: Origin\" HTTP header. This potentially allowed sensitive data to be leaked to other visitors through both client-side and server-side caches. (CVE-2017-7674)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3081",
"url": "https://access.redhat.com/errata/RHSA-2017:3081"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1441205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
},
{
"category": "external",
"summary": "1480618",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480618"
},
{
"category": "external",
"summary": "1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3081.json"
}
],
"title": "Red Hat Security Advisory: tomcat security update",
"tracking": {
"current_release_date": "2025-01-19T19:40:16+00:00",
"generator": {
"date": "2025-01-19T19:40:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2017:3081",
"initial_release_date": "2017-10-30T00:26:54+00:00",
"revision_history": [
{
"date": "2017-10-30T00:26:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-10-30T00:26:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:40:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-0:7.0.76-3.el7_4.src",
"product": {
"name": "tomcat-0:7.0.76-3.el7_4.src",
"product_id": "tomcat-0:7.0.76-3.el7_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat@7.0.76-3.el7_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-jsp-2.2-api@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-admin-webapps@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-lib@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-servlet-3.0-api@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-el-2.2-api@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-webapps@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-docs-webapp@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-javadoc@7.0.76-3.el7_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"product": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"product_id": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-jsvc@7.0.76-3.el7_4?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.src",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.src",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.src",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.src",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.src",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.src",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.src",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.76-3.el7_4.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src"
},
"product_reference": "tomcat-0:7.0.76-3.el7_4.src",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-lib-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.76-3.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-5647",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2017-04-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1441205"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of pipelined requests when send file was used",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5647"
},
{
"category": "external",
"summary": "RHBZ#1441205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
}
],
"release_date": "2017-04-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:26:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3081"
},
{
"category": "workaround",
"details": "The AJP connector does not support the sendfile capability. A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration. Note: Disabling sendfile, may impact performance on large files.",
"product_ids": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Incorrect handling of pipelined requests when send file was used"
},
{
"cve": "CVE-2017-7674",
"discovery_date": "2017-08-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1480618"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where the CORS Filter did not send a \"Vary: Origin\" HTTP header. This potentially allowed sensitive data to be leaked to other visitors through both client-side and server-side caches.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Vary header not added by CORS filter leading to cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7674"
},
{
"category": "external",
"summary": "RHBZ#1480618",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480618"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7674"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
}
],
"release_date": "2017-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:26:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3081"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Vary header not added by CORS filter leading to cache poisoning"
},
{
"cve": "CVE-2017-12615",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493220"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution via JSP Upload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12615"
},
{
"category": "external",
"summary": "RHBZ#1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:26:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3081"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution via JSP Upload"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:26:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3081"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Client-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Client-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7ComputeNode-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7ComputeNode-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Server-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Server-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-0:7.0.76-3.el7_4.src",
"7Workstation-optional-7.4.Z:tomcat-admin-webapps-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-docs-webapp-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-el-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-javadoc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsp-2.2-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-jsvc-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-lib-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-servlet-3.0-api-0:7.0.76-3.el7_4.noarch",
"7Workstation-optional-7.4.Z:tomcat-webapps-0:7.0.76-3.el7_4.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
}
]
}
RHSA-2018:0269
Vulnerability from csaf_redhat
Published
2018-02-05 10:27
Modified
2025-03-19 14:42
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
[Updated 5th February 2018]
Previously, this erratum was marked as a security update for EAP 6.4.18. This was incorrect; the erratum is a security update for EAP 6.4.19.The erratum has been modified to reflect this.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)
* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)
The CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n[Updated 5th February 2018]\nPreviously, this erratum was marked as a security update for EAP 6.4.18. This was incorrect; the erratum is a security update for EAP 6.4.19.The erratum has been modified to reflect this.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)\n\nThe CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0269",
"url": "https://access.redhat.com/errata/RHSA-2018:0269"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/",
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0269.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update",
"tracking": {
"current_release_date": "2025-03-19T14:42:06+00:00",
"generator": {
"date": "2025-03-19T14:42:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.4.1"
}
},
"id": "RHSA-2018:0269",
"initial_release_date": "2018-02-05T10:27:01+00:00",
"revision_history": [
{
"date": "2018-02-05T10:27:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-02-05T17:11:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-03-19T14:42:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4",
"product_id": "Red Hat JBoss Enterprise Application Platform 6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-12174",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1498378"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12174"
},
{
"category": "external",
"summary": "RHBZ#1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12174",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T10:27:01+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0269"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T10:27:01+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0269"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2018-1041",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2018-01-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1530457"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: High CPU Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1041"
},
{
"category": "external",
"summary": "RHBZ#1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T10:27:01+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0269"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: High CPU Denial of Service"
}
]
}
rhsa-2018:0465
Vulnerability from csaf_redhat
Published
2018-03-07 15:09
Modified
2025-01-19 19:40
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 2 security update
Notes
Topic
An update is now available for Red Hat JBoss Web Server 3.1.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.
This release of Red Hat JBoss Web Server 3.1 Service Pack 2 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* apr: Out-of-bounds array deref in apr_time_exp*() functions (CVE-2017-12613)
* tomcat: Remote Code Execution via JSP Upload (CVE-2017-12615)
* tomcat: Information Disclosure when using VirtualDirContext (CVE-2017-12616)
* tomcat: Remote Code Execution bypass for CVE-2017-12615 (CVE-2017-12617)
* tomcat-native: Mishandling of client certificates can allow for OCSP check bypass (CVE-2017-15698)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* tomcat: Late application of security constraints can lead to resource exposure for unauthorised users (CVE-2018-1305)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Web Server 3.1.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 2 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* apr: Out-of-bounds array deref in apr_time_exp*() functions (CVE-2017-12613)\n\n* tomcat: Remote Code Execution via JSP Upload (CVE-2017-12615)\n\n* tomcat: Information Disclosure when using VirtualDirContext (CVE-2017-12616)\n\n* tomcat: Remote Code Execution bypass for CVE-2017-12615 (CVE-2017-12617)\n\n* tomcat-native: Mishandling of client certificates can allow for OCSP check bypass (CVE-2017-15698)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* tomcat: Late application of security constraints can lead to resource exposure for unauthorised users (CVE-2018-1305)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0465",
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=3.1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=3.1"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/httpoxy",
"url": "https://access.redhat.com/security/vulnerabilities/httpoxy"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/2435491",
"url": "https://access.redhat.com/solutions/2435491"
},
{
"category": "external",
"summary": "1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "1493222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493222"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "1540824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540824"
},
{
"category": "external",
"summary": "1548282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548282"
},
{
"category": "external",
"summary": "1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0465.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 2 security update",
"tracking": {
"current_release_date": "2025-01-19T19:40:32+00:00",
"generator": {
"date": "2025-01-19T19:40:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2018:0465",
"initial_release_date": "2018-03-07T15:09:54+00:00",
"revision_history": [
{
"date": "2018-03-07T15:09:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-03-07T15:09:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:40:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 3.1",
"product": {
"name": "Red Hat JBoss Web Server 3.1",
"product_id": "Red Hat JBoss Web Server 3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-12613",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-10-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506523"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apr: Out-of-bounds array deref in apr_time_exp*() functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 3.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12613"
},
{
"category": "external",
"summary": "RHBZ#1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/apr/Announcement1.x.html",
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
}
],
"release_date": "2017-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:09:54+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apr: Out-of-bounds array deref in apr_time_exp*() functions"
},
{
"cve": "CVE-2017-12615",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493220"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution via JSP Upload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 3.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12615"
},
{
"category": "external",
"summary": "RHBZ#1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:09:54+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution via JSP Upload"
},
{
"cve": "CVE-2017-12616",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493222"
}
],
"notes": [
{
"category": "description",
"text": "When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Information Disclosure when using VirtualDirContext",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "VirtualDirContext is not designed to be used in production, but only to ease development with IDEs without needing to fully republish jars in WEB-INF/lib.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 3.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12616"
},
{
"category": "external",
"summary": "RHBZ#1493222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493222"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12616"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12616",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12616"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:09:54+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Information Disclosure when using VirtualDirContext"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 3.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:09:54+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2017-15698",
"cwe": {
"id": "CWE-299",
"name": "Improper Check for Certificate Revocation"
},
"discovery_date": "2018-02-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1540824"
}
],
"notes": [
{
"category": "description",
"text": "When parsing the AIA-Extension field of a client certificate, Apache Tomcat Native Connector 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34 did not correctly handle fields longer than 127 bytes. The result of the parsing error was to skip the OCSP check. It was therefore possible for client certificates that should have been rejected (if the OCSP check had been made) to be accepted. Users not using OCSP checks are not affected by this vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat-native: Mishandling of client certificates can allow for OCSP check bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 3.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15698"
},
{
"category": "external",
"summary": "RHBZ#1540824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15698",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15698"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:09:54+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat-native: Mishandling of client certificates can allow for OCSP check bypass"
},
{
"cve": "CVE-2018-1304",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548289"
}
],
"notes": [
{
"category": "description",
"text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 3.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1304"
},
{
"category": "external",
"summary": "RHBZ#1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:09:54+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources"
},
{
"cve": "CVE-2018-1305",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548282"
}
],
"notes": [
{
"category": "description",
"text": "Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Late application of security constraints can lead to resource exposure for unauthorised users",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 3.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1305"
},
{
"category": "external",
"summary": "RHBZ#1548282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1305",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1305"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:09:54+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Late application of security constraints can lead to resource exposure for unauthorised users"
}
]
}
rhsa-2018_0269
Vulnerability from csaf_redhat
Published
2018-02-05 10:27
Modified
2024-12-22 18:33
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
[Updated 5th February 2018]
Previously, this erratum was marked as a security update for EAP 6.4.18. This was incorrect; the erratum is a security update for EAP 6.4.19.The erratum has been modified to reflect this.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)
* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)
The CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n[Updated 5th February 2018]\nPreviously, this erratum was marked as a security update for EAP 6.4.18. This was incorrect; the erratum is a security update for EAP 6.4.19.The erratum has been modified to reflect this.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)\n\nThe CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0269",
"url": "https://access.redhat.com/errata/RHSA-2018:0269"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/",
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0269.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update",
"tracking": {
"current_release_date": "2024-12-22T18:33:05+00:00",
"generator": {
"date": "2024-12-22T18:33:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.4"
}
},
"id": "RHSA-2018:0269",
"initial_release_date": "2018-02-05T10:27:01+00:00",
"revision_history": [
{
"date": "2018-02-05T10:27:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-02-05T17:11:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-22T18:33:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4",
"product_id": "Red Hat JBoss Enterprise Application Platform 6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-12174",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1498378"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12174"
},
{
"category": "external",
"summary": "RHBZ#1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12174",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T10:27:01+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0269"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T10:27:01+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0269"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2018-1041",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2018-01-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1530457"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: High CPU Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1041"
},
{
"category": "external",
"summary": "RHBZ#1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T10:27:01+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0269"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: High CPU Denial of Service"
}
]
}
rhsa-2017:3113
Vulnerability from csaf_redhat
Published
2017-11-02 19:15
Modified
2025-01-19 19:40
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server security and bug fix update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 6 and Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
This release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.
This release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves as a update for Red Hat JBoss Web Server 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Users of Red Hat JBoss Web Server 2 should upgrade to these updated packages, which resolve several security issues.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)
* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno Böck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Gaëtan Leurent (Inria) as the original reporters of CVE-2016-2183.
Bug Fix(es):
* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. (BZ#1338640)
* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1448709)
* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1493075)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 6 and Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.\n\nThis release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves as a update for Red Hat JBoss Web Server 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2 should upgrade to these updated packages, which resolve several security issues.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno B\u00f6ck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters of CVE-2016-2183.\n\nBug Fix(es):\n\n* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. (BZ#1338640)\n\n* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1448709)\n\n* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1493075)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3113",
"url": "https://access.redhat.com/errata/RHSA-2017:3113"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/3227901",
"url": "https://access.redhat.com/articles/3227901"
},
{
"category": "external",
"summary": "1369383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "1493075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493075"
},
{
"category": "external",
"summary": "1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3113.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Server security and bug fix update",
"tracking": {
"current_release_date": "2025-01-19T19:40:21+00:00",
"generator": {
"date": "2025-01-19T19:40:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2017:3113",
"initial_release_date": "2017-11-02T19:15:44+00:00",
"revision_history": [
{
"date": "2017-11-02T19:15:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-11-02T19:15:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:40:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.26-57.ep6.el6.x86_64",
"product": {
"name": "httpd-0:2.2.26-57.ep6.el6.x86_64",
"product_id": "httpd-0:2.2.26-57.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.26-57.ep6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"product_id": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.26-57.ep6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"product": {
"name": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"product_id": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.2.26-57.ep6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"product": {
"name": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"product_id": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.26-57.ep6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"product": {
"name": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"product_id": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.26-57.ep6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"product": {
"name": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"product_id": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.26-57.ep6.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"product": {
"name": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"product_id": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.26-57.ep6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"product": {
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"product_id": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-native-debuginfo@1.2.13-9.Final_redhat_2.ep6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"product": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"product": {
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"product_id": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-native-debuginfo@1.2.13-9.Final_redhat_2.ep6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"product": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"product": {
"name": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"product_id": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl22@2.2.26-58.ep6.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"product": {
"name": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"product_id": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-manual@2.2.26-58.ep6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"product": {
"name": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"product_id": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap22@2.2.26-58.ep6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd22-0:2.2.26-58.ep6.el7.x86_64",
"product": {
"name": "httpd22-0:2.2.26-58.ep6.el7.x86_64",
"product_id": "httpd22-0:2.2.26-58.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22@2.2.26-58.ep6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"product": {
"name": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"product_id": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-debuginfo@2.2.26-58.ep6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"product": {
"name": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"product_id": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-tools@2.2.26-58.ep6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"product": {
"name": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"product_id": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-devel@2.2.26-58.ep6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.26-57.ep6.el6.i386",
"product": {
"name": "httpd-0:2.2.26-57.ep6.el6.i386",
"product_id": "httpd-0:2.2.26-57.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.26-57.ep6.el6?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"product": {
"name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"product_id": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.26-57.ep6.el6?arch=i386"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.2.26-57.ep6.el6.i386",
"product": {
"name": "mod_ldap-0:2.2.26-57.ep6.el6.i386",
"product_id": "mod_ldap-0:2.2.26-57.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.2.26-57.ep6.el6?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.26-57.ep6.el6.i386",
"product": {
"name": "httpd-tools-0:2.2.26-57.ep6.el6.i386",
"product_id": "httpd-tools-0:2.2.26-57.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.26-57.ep6.el6?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.26-57.ep6.el6.i386",
"product": {
"name": "httpd-devel-0:2.2.26-57.ep6.el6.i386",
"product_id": "httpd-devel-0:2.2.26-57.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.26-57.ep6.el6?arch=i386"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.26-57.ep6.el6.i386",
"product": {
"name": "mod_ssl-1:2.2.26-57.ep6.el6.i386",
"product_id": "mod_ssl-1:2.2.26-57.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.26-57.ep6.el6?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.2.26-57.ep6.el6.i386",
"product": {
"name": "httpd-manual-0:2.2.26-57.ep6.el6.i386",
"product_id": "httpd-manual-0:2.2.26-57.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.26-57.ep6.el6?arch=i386"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"product": {
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"product_id": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-native-debuginfo@1.2.13-9.Final_redhat_2.ep6.el6?arch=i386"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"product": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el6?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.26-57.ep6.el6.src",
"product": {
"name": "httpd-0:2.2.26-57.ep6.el6.src",
"product_id": "httpd-0:2.2.26-57.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.26-57.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"product": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el6?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"product": {
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"product_id": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-19_patch_04.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"product": {
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"product_id": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-28_patch_05.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"product": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "httpd22-0:2.2.26-58.ep6.el7.src",
"product": {
"name": "httpd22-0:2.2.26-58.ep6.el7.src",
"product_id": "httpd22-0:2.2.26-58.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22@2.2.26-58.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"product": {
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"product_id": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-19_patch_04.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"product": {
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"product_id": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-28_patch_05.ep6.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_id": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-28_patch_05.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-19_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product": {
"name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_id": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-28_patch_05.ep6.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386"
},
"product_reference": "httpd-0:2.2.26-57.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.26-57.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src"
},
"product_reference": "httpd-0:2.2.26-57.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64"
},
"product_reference": "httpd-0:2.2.26-57.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386"
},
"product_reference": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386"
},
"product_reference": "httpd-devel-0:2.2.26-57.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64"
},
"product_reference": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386"
},
"product_reference": "httpd-manual-0:2.2.26-57.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64"
},
"product_reference": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386"
},
"product_reference": "httpd-tools-0:2.2.26-57.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64"
},
"product_reference": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386"
},
"product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src"
},
"product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64"
},
"product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386"
},
"product_reference": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64"
},
"product_reference": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386"
},
"product_reference": "mod_ldap-0:2.2.26-57.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64"
},
"product_reference": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386"
},
"product_reference": "mod_ssl-1:2.2.26-57.ep6.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64"
},
"product_reference": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src"
},
"product_reference": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src"
},
"product_reference": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-0:2.2.26-58.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src"
},
"product_reference": "httpd22-0:2.2.26-58.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64"
},
"product_reference": "httpd22-0:2.2.26-58.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64"
},
"product_reference": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64"
},
"product_reference": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64"
},
"product_reference": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64"
},
"product_reference": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src"
},
"product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64"
},
"product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64"
},
"product_reference": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64"
},
"product_reference": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64"
},
"product_reference": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src"
},
"product_reference": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src"
},
"product_reference": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"OpenVPN"
]
},
{
"names": [
"Karthikeyan Bhargavan",
"Ga\u00ebtan Leurent"
],
"organization": "Inria",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-2183",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2016-08-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1369383"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2183"
},
{
"category": "external",
"summary": "RHBZ#1369383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/2548661",
"url": "https://access.redhat.com/articles/2548661"
},
{
"category": "external",
"summary": "https://access.redhat.com/errata/RHSA-2016:1940",
"url": "https://access.redhat.com/errata/RHSA-2016:1940"
},
{
"category": "external",
"summary": "https://sweet32.info/",
"url": "https://sweet32.info/"
}
],
"release_date": "2016-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:15:44+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3113"
},
{
"category": "workaround",
"details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:15:44+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3113"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:15:44+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3113"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
},
{
"cve": "CVE-2017-12615",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493220"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution via JSP Upload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12615"
},
{
"category": "external",
"summary": "RHBZ#1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:15:44+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3113"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution via JSP Upload"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-02T19:15:44+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3113"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src",
"6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src",
"6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686",
"6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src",
"6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386",
"6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386",
"6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src",
"7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src",
"7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src",
"7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
}
]
}
rhsa-2017:3080
Vulnerability from csaf_redhat
Published
2017-10-30 00:15
Modified
2025-01-19 19:40
Summary
Red Hat Security Advisory: tomcat6 security update
Notes
Topic
An update for tomcat6 is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* A vulnerability was discovered in Tomcat's handling of pipelined requests when "Sendfile" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)
* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)
* Two vulnerabilities were discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615, CVE-2017-12617)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for tomcat6 is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* Two vulnerabilities were discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615, CVE-2017-12617)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3080",
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1441205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
},
{
"category": "external",
"summary": "1459158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
},
{
"category": "external",
"summary": "1461851",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461851"
},
{
"category": "external",
"summary": "1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3080.json"
}
],
"title": "Red Hat Security Advisory: tomcat6 security update",
"tracking": {
"current_release_date": "2025-01-19T19:40:10+00:00",
"generator": {
"date": "2025-01-19T19:40:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2017:3080",
"initial_release_date": "2017-10-30T00:15:02+00:00",
"revision_history": [
{
"date": "2017-10-30T00:15:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-10-30T00:15:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:40:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-111.el6_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"product_id": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-111.el6_9?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-111.el6_9.src",
"product": {
"name": "tomcat6-0:6.0.24-111.el6_9.src",
"product_id": "tomcat6-0:6.0.24-111.el6_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-111.el6_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Server-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
},
"product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"relates_to_product_reference": "6Workstation-optional-6.9.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-5647",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2017-04-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1441205"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of pipelined requests when send file was used",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5647"
},
{
"category": "external",
"summary": "RHBZ#1441205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
}
],
"release_date": "2017-04-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:15:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"category": "workaround",
"details": "The AJP connector does not support the sendfile capability. A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration. Note: Disabling sendfile, may impact performance on large files.",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Incorrect handling of pipelined requests when send file was used"
},
{
"cve": "CVE-2017-5664",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2017-06-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1459158"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Security constrained bypass in error page mechanism",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file. The default for readonly is true.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5664"
},
{
"category": "external",
"summary": "RHBZ#1459158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
}
],
"release_date": "2017-06-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:15:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"category": "workaround",
"details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Security constrained bypass in error page mechanism"
},
{
"cve": "CVE-2017-12615",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493220"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution via JSP Upload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12615"
},
{
"category": "external",
"summary": "RHBZ#1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:15:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution via JSP Upload"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-30T00:15:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3080"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
"6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
"6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
}
]
}
rhsa-2018_0465
Vulnerability from csaf_redhat
Published
2018-03-07 15:09
Modified
2024-11-25 12:09
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 2 security update
Notes
Topic
An update is now available for Red Hat JBoss Web Server 3.1.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.
This release of Red Hat JBoss Web Server 3.1 Service Pack 2 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* apr: Out-of-bounds array deref in apr_time_exp*() functions (CVE-2017-12613)
* tomcat: Remote Code Execution via JSP Upload (CVE-2017-12615)
* tomcat: Information Disclosure when using VirtualDirContext (CVE-2017-12616)
* tomcat: Remote Code Execution bypass for CVE-2017-12615 (CVE-2017-12617)
* tomcat-native: Mishandling of client certificates can allow for OCSP check bypass (CVE-2017-15698)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* tomcat: Late application of security constraints can lead to resource exposure for unauthorised users (CVE-2018-1305)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Web Server 3.1.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 2 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* apr: Out-of-bounds array deref in apr_time_exp*() functions (CVE-2017-12613)\n\n* tomcat: Remote Code Execution via JSP Upload (CVE-2017-12615)\n\n* tomcat: Information Disclosure when using VirtualDirContext (CVE-2017-12616)\n\n* tomcat: Remote Code Execution bypass for CVE-2017-12615 (CVE-2017-12617)\n\n* tomcat-native: Mishandling of client certificates can allow for OCSP check bypass (CVE-2017-15698)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* tomcat: Late application of security constraints can lead to resource exposure for unauthorised users (CVE-2018-1305)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0465",
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=3.1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=3.1"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/httpoxy",
"url": "https://access.redhat.com/security/vulnerabilities/httpoxy"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/2435491",
"url": "https://access.redhat.com/solutions/2435491"
},
{
"category": "external",
"summary": "1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "1493222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493222"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "1540824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540824"
},
{
"category": "external",
"summary": "1548282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548282"
},
{
"category": "external",
"summary": "1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0465.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 2 security update",
"tracking": {
"current_release_date": "2024-11-25T12:09:23+00:00",
"generator": {
"date": "2024-11-25T12:09:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2018:0465",
"initial_release_date": "2018-03-07T15:09:54+00:00",
"revision_history": [
{
"date": "2018-03-07T15:09:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-03-07T15:09:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-25T12:09:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 3.1",
"product": {
"name": "Red Hat JBoss Web Server 3.1",
"product_id": "Red Hat JBoss Web Server 3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-12613",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-10-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506523"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apr: Out-of-bounds array deref in apr_time_exp*() functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 3.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12613"
},
{
"category": "external",
"summary": "RHBZ#1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/apr/Announcement1.x.html",
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
}
],
"release_date": "2017-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:09:54+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apr: Out-of-bounds array deref in apr_time_exp*() functions"
},
{
"cve": "CVE-2017-12615",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493220"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution via JSP Upload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 3.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12615"
},
{
"category": "external",
"summary": "RHBZ#1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:09:54+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution via JSP Upload"
},
{
"cve": "CVE-2017-12616",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493222"
}
],
"notes": [
{
"category": "description",
"text": "When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Information Disclosure when using VirtualDirContext",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "VirtualDirContext is not designed to be used in production, but only to ease development with IDEs without needing to fully republish jars in WEB-INF/lib.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 3.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12616"
},
{
"category": "external",
"summary": "RHBZ#1493222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493222"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12616"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12616",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12616"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:09:54+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Information Disclosure when using VirtualDirContext"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 3.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:09:54+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2017-15698",
"cwe": {
"id": "CWE-299",
"name": "Improper Check for Certificate Revocation"
},
"discovery_date": "2018-02-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1540824"
}
],
"notes": [
{
"category": "description",
"text": "When parsing the AIA-Extension field of a client certificate, Apache Tomcat Native Connector 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34 did not correctly handle fields longer than 127 bytes. The result of the parsing error was to skip the OCSP check. It was therefore possible for client certificates that should have been rejected (if the OCSP check had been made) to be accepted. Users not using OCSP checks are not affected by this vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat-native: Mishandling of client certificates can allow for OCSP check bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 3.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15698"
},
{
"category": "external",
"summary": "RHBZ#1540824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15698",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15698"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:09:54+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat-native: Mishandling of client certificates can allow for OCSP check bypass"
},
{
"cve": "CVE-2018-1304",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548289"
}
],
"notes": [
{
"category": "description",
"text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 3.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1304"
},
{
"category": "external",
"summary": "RHBZ#1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:09:54+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources"
},
{
"cve": "CVE-2018-1305",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548282"
}
],
"notes": [
{
"category": "description",
"text": "Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Late application of security constraints can lead to resource exposure for unauthorised users",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 3.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1305"
},
{
"category": "external",
"summary": "RHBZ#1548282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1305",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1305"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:09:54+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Web Server 3.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Web Server 3.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Late application of security constraints can lead to resource exposure for unauthorised users"
}
]
}
rhsa-2018:0466
Vulnerability from csaf_redhat
Published
2018-03-07 15:21
Modified
2025-01-19 19:40
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 2 security update
Notes
Topic
An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.
This release of Red Hat JBoss Web Server 3.1 Service Pack 2 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* apr: Out-of-bounds array deref in apr_time_exp*() functions (CVE-2017-12613)
* tomcat: Remote Code Execution via JSP Upload (CVE-2017-12615)
* tomcat: Information Disclosure when using VirtualDirContext (CVE-2017-12616)
* tomcat: Remote Code Execution bypass for CVE-2017-12615 (CVE-2017-12617)
* tomcat-native: Mishandling of client certificates can allow for OCSP check bypass (CVE-2017-15698)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* tomcat: Late application of security constraints can lead to resource exposure for unauthorised users (CVE-2018-1305)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 2 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* apr: Out-of-bounds array deref in apr_time_exp*() functions (CVE-2017-12613)\n\n* tomcat: Remote Code Execution via JSP Upload (CVE-2017-12615)\n\n* tomcat: Information Disclosure when using VirtualDirContext (CVE-2017-12616)\n\n* tomcat: Remote Code Execution bypass for CVE-2017-12615 (CVE-2017-12617)\n\n* tomcat-native: Mishandling of client certificates can allow for OCSP check bypass (CVE-2017-15698)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* tomcat: Late application of security constraints can lead to resource exposure for unauthorised users (CVE-2018-1305)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0466",
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/"
},
{
"category": "external",
"summary": "1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "1493222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493222"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "1540824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540824"
},
{
"category": "external",
"summary": "1548282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548282"
},
{
"category": "external",
"summary": "1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0466.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 2 security update",
"tracking": {
"current_release_date": "2025-01-19T19:40:32+00:00",
"generator": {
"date": "2025-01-19T19:40:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2018:0466",
"initial_release_date": "2018-03-07T15:21:52+00:00",
"revision_history": [
{
"date": "2018-03-07T15:21:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-03-07T15:21:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:40:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 3.1 for RHEL 6",
"product": {
"name": "Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 3.1 for RHEL 7",
"product": {
"name": "Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product_id": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-11.redhat_11.ep7.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product_id": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native@1.2.8-11.redhat_11.ep7.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product_id": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-11.redhat_11.ep7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product_id": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native@1.2.8-11.redhat_11.ep7.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product_id": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-11.redhat_11.ep7.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product_id": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native@1.2.8-11.redhat_11.ep7.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"product": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"product_id": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native@1.2.8-11.redhat_11.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"product": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"product_id": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster@1.3.8-2.Final_redhat_2.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"product_id": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault@1.1.6-1.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.70-25.ep7.el6.src",
"product": {
"name": "tomcat7-0:7.0.70-25.ep7.el6.src",
"product_id": "tomcat7-0:7.0.70-25.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.70-25.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat8-0:8.0.36-29.ep7.el6.src",
"product": {
"name": "tomcat8-0:8.0.36-29.ep7.el6.src",
"product_id": "tomcat8-0:8.0.36-29.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8@8.0.36-29.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"product": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"product_id": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-native@1.2.8-11.redhat_11.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"product": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"product_id": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster@1.3.8-2.Final_redhat_2.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"product_id": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault@1.1.6-1.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat8-0:8.0.36-29.ep7.el7.src",
"product": {
"name": "tomcat8-0:8.0.36-29.ep7.el7.src",
"product_id": "tomcat8-0:8.0.36-29.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8@8.0.36-29.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.70-25.ep7.el7.src",
"product": {
"name": "tomcat7-0:7.0.70-25.ep7.el7.src",
"product_id": "tomcat7-0:7.0.70-25.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.70-25.ep7.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product": {
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_id": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-tomcat8@1.3.8-2.Final_redhat_2.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_id": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster@1.3.8-2.Final_redhat_2.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product": {
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_id": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-tomcat7@1.3.8-2.Final_redhat_2.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault-tomcat7@1.1.6-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault@1.1.6-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault-tomcat8@1.1.6-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsvc@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"product": {
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"product_id": "tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-selinux@7.0.70-25.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-webapps@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-docs-webapp@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-log4j@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-jsp-2.3-api@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-jsvc@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-servlet-3.1-api@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-javadoc@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-lib@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-selinux@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-el-2.2-api@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"product": {
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"product_id": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-admin-webapps@8.0.36-29.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_id": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster@1.3.8-2.Final_redhat_2.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product": {
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_id": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-tomcat7@1.3.8-2.Final_redhat_2.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product": {
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_id": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_cluster-tomcat8@1.3.8-2.Final_redhat_2.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault-tomcat7@1.1.6-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault-tomcat8@1.1.6-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-vault@1.1.6-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-webapps@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-log4j@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-docs-webapp@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-jsp-2.3-api@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-javadoc@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-selinux@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-jsvc@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-lib@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-el-2.2-api@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-admin-webapps@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"product": {
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"product_id": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat8-servlet-3.1-api@8.0.36-29.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsvc@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-selinux@7.0.70-25.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.70-25.ep7.el7.noarch",
"product": {
"name": "tomcat7-0:7.0.70-25.ep7.el7.noarch",
"product_id": "tomcat7-0:7.0.70-25.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.70-25.ep7.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch"
},
"product_reference": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src"
},
"product_reference": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch"
},
"product_reference": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch"
},
"product_reference": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686"
},
"product_reference": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src"
},
"product_reference": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64"
},
"product_reference": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686"
},
"product_reference": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64"
},
"product_reference": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.70-25.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src"
},
"product_reference": "tomcat7-0:7.0.70-25.ep7.el6.src",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-0:8.0.36-29.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src"
},
"product_reference": "tomcat8-0:8.0.36-29.ep7.el6.src",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-lib-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
"product_id": "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch"
},
"product_reference": "tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch"
},
"product_reference": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src"
},
"product_reference": "mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch"
},
"product_reference": "mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch"
},
"product_reference": "mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src"
},
"product_reference": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64"
},
"product_reference": "tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64"
},
"product_reference": "tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.70-25.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src"
},
"product_reference": "tomcat7-0:7.0.70-25.ep7.el7.src",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-0:8.0.36-29.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src"
},
"product_reference": "tomcat8-0:8.0.36-29.ep7.el7.src",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-lib-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
"product_id": "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
},
"product_reference": "tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JWS-3.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-12613",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-10-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506523"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apr: Out-of-bounds array deref in apr_time_exp*() functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12613"
},
{
"category": "external",
"summary": "RHBZ#1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/apr/Announcement1.x.html",
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
}
],
"release_date": "2017-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apr: Out-of-bounds array deref in apr_time_exp*() functions"
},
{
"cve": "CVE-2017-12615",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493220"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution via JSP Upload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12615"
},
{
"category": "external",
"summary": "RHBZ#1493220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution via JSP Upload"
},
{
"cve": "CVE-2017-12616",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2017-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1493222"
}
],
"notes": [
{
"category": "description",
"text": "When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Information Disclosure when using VirtualDirContext",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "VirtualDirContext is not designed to be used in production, but only to ease development with IDEs without needing to fully republish jars in WEB-INF/lib.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12616"
},
{
"category": "external",
"summary": "RHBZ#1493222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493222"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12616"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12616",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12616"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Information Disclosure when using VirtualDirContext"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2017-15698",
"cwe": {
"id": "CWE-299",
"name": "Improper Check for Certificate Revocation"
},
"discovery_date": "2018-02-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1540824"
}
],
"notes": [
{
"category": "description",
"text": "When parsing the AIA-Extension field of a client certificate, Apache Tomcat Native Connector 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34 did not correctly handle fields longer than 127 bytes. The result of the parsing error was to skip the OCSP check. It was therefore possible for client certificates that should have been rejected (if the OCSP check had been made) to be accepted. Users not using OCSP checks are not affected by this vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat-native: Mishandling of client certificates can allow for OCSP check bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15698"
},
{
"category": "external",
"summary": "RHBZ#1540824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15698",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15698"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat-native: Mishandling of client certificates can allow for OCSP check bypass"
},
{
"cve": "CVE-2018-1304",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548289"
}
],
"notes": [
{
"category": "description",
"text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1304"
},
{
"category": "external",
"summary": "RHBZ#1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources"
},
{
"cve": "CVE-2018-1305",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548282"
}
],
"notes": [
{
"category": "description",
"text": "Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Late application of security constraints can lead to resource exposure for unauthorised users",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1305"
},
{
"category": "external",
"summary": "RHBZ#1548282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1305",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1305"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T15:21:52+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0466"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.src",
"6Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.i686",
"6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6.x86_64",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el6.src",
"6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el6.src",
"6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6.noarch",
"6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el6.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JWS-3.1:mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.src",
"7Server-JWS-3.1:tomcat-native-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7.x86_64",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JWS-3.1:tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-0:7.0.70-25.ep7.el7.src",
"7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-lib-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-25.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-0:8.0.36-29.ep7.el7.src",
"7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-lib-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7.noarch",
"7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-29.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Late application of security constraints can lead to resource exposure for unauthorised users"
}
]
}
RHSA-2018:0268
Vulnerability from csaf_redhat
Published
2018-02-05 14:05
Modified
2025-01-26 20:08
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)
* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)
The CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)\n\nThe CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0268",
"url": "https://access.redhat.com/errata/RHSA-2018:0268"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "1519260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519260"
},
{
"category": "external",
"summary": "1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0268.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update",
"tracking": {
"current_release_date": "2025-01-26T20:08:50+00:00",
"generator": {
"date": "2025-01-26T20:08:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2018:0268",
"initial_release_date": "2018-02-05T14:05:56+00:00",
"revision_history": [
{
"date": "2018-02-05T14:05:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-02-05T14:05:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-26T20:08:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ejb-client@1.0.40-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-cxf@4.3.7-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.27-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"product": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"product_id": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-25.SP23_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src",
"product": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src",
"product_id": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-20.SP18_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.12-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"product": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"product_id": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-22.SP18_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ejb-client@1.0.40-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-core@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-cxf@4.3.7-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"product_id": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-25.SP23_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"product_id": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-20.SP18_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-spi-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-deployers-common-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-spec-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-jdbc-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-impl-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-validator-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-impl-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.12-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"product_id": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-22.SP18_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src"
},
"product_reference": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src"
},
"product_reference": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
},
"product_reference": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-12174",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1498378"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12174"
},
{
"category": "external",
"summary": "RHBZ#1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12174",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:05:56+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0268"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:05:56+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0268"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2018-1041",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2018-01-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1530457"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: High CPU Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1041"
},
{
"category": "external",
"summary": "RHBZ#1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:05:56+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0268"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: High CPU Denial of Service"
}
]
}
rhsa-2018:0268
Vulnerability from csaf_redhat
Published
2018-02-05 14:05
Modified
2025-01-26 20:08
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)
* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)
The CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)\n\nThe CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0268",
"url": "https://access.redhat.com/errata/RHSA-2018:0268"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "1519260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519260"
},
{
"category": "external",
"summary": "1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0268.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update",
"tracking": {
"current_release_date": "2025-01-26T20:08:50+00:00",
"generator": {
"date": "2025-01-26T20:08:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2018:0268",
"initial_release_date": "2018-02-05T14:05:56+00:00",
"revision_history": [
{
"date": "2018-02-05T14:05:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-02-05T14:05:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-26T20:08:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ejb-client@1.0.40-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-cxf@4.3.7-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.27-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"product": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"product_id": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-25.SP23_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src",
"product": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src",
"product_id": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-20.SP18_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.12-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"product": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"product_id": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-22.SP18_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ejb-client@1.0.40-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-core@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.23-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-cxf@4.3.7-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"product_id": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-25.SP23_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"product_id": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-20.SP18_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-spi-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-deployers-common-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-spec-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-jdbc-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-impl-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-validator-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-impl-eap6@1.0.41-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.12-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"product_id": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-22.SP18_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.19-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src"
},
"product_reference": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src"
},
"product_reference": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
},
"product_reference": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-12174",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1498378"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12174"
},
{
"category": "external",
"summary": "RHBZ#1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12174",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:05:56+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0268"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:05:56+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0268"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2018-1041",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2018-01-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1530457"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: High CPU Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1041"
},
{
"category": "external",
"summary": "RHBZ#1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:05:56+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0268"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: High CPU Denial of Service"
}
]
}
rhsa-2018_0275
Vulnerability from csaf_redhat
Published
2018-02-05 14:24
Modified
2024-12-22 18:33
Summary
Red Hat Security Advisory: jboss-ec2-eap security, bug fix, and enhancement update
Notes
Topic
An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).
With this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.19.
Security Fix(es):
* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)
* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)
The CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.19.\n\nSecurity Fix(es):\n\n* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)\n\nThe CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0275",
"url": "https://access.redhat.com/errata/RHSA-2018:0275"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0275.json"
}
],
"title": "Red Hat Security Advisory: jboss-ec2-eap security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-12-22T18:33:29+00:00",
"generator": {
"date": "2024-12-22T18:33:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.4"
}
},
"id": "RHSA-2018:0275",
"initial_release_date": "2018-02-05T14:24:53+00:00",
"revision_history": [
{
"date": "2018-02-05T14:24:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-02-05T14:24:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-22T18:33:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"product": {
"name": "jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"product_id": "jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ec2-eap-samples@7.5.19-2.Final_redhat_2.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"product": {
"name": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"product_id": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.19-2.Final_redhat_2.ep6.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"product": {
"name": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"product_id": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.19-2.Final_redhat_2.ep6.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
},
"product_reference": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src"
},
"product_reference": "jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
},
"product_reference": "jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-12174",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1498378"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12174"
},
{
"category": "external",
"summary": "RHBZ#1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12174",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:24:53+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0275"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery"
},
{
"cve": "CVE-2017-12617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1494283"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12617"
},
{
"category": "external",
"summary": "RHBZ#1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html",
"url": "https://tomcat.apache.org/security-7.html"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html",
"url": "https://tomcat.apache.org/security-8.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:24:53+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0275"
},
{
"category": "workaround",
"details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
},
{
"cve": "CVE-2018-1041",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2018-01-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1530457"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: High CPU Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1041"
},
{
"category": "external",
"summary": "RHBZ#1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1041"
}
],
"release_date": "2018-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-05T14:24:53+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0275"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.19-2.Final_redhat_2.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: High CPU Denial of Service"
}
]
}
RHSA-2018:0271
Vulnerability from csaf_redhat
Published
2018-02-05 14:08
Modified
2025-01-26 20:08
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)
* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)
* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)
The CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. (CVE-2017-12174)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. (CVE-2018-1041)\n\nThe CVE-2017-12174 issue was discovered by Masafumi Miura (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0271",
"url": "https://access.redhat.com/errata/RHSA-2018:0271"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/"
},
{
"category": "external",
"summary": "1494283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
},
{
"category": "external",
"summary": "1498378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378"
},
{
"category": "external",
"summary": "1519259",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519259"
},
{
"category": "external",
"summary": "1530457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457"
},
{
"category": "external",
"summary": "1533997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533997"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0271.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update",
"tracking": {
"current_release_date": "2025-01-26T20:08:34+00:00",
"generator": {
"date": "2025-01-26T20:08:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2018:0271",
"initial_release_date": "2018-02-05T14:08:06+00:00",
"revision_history": [
{
"date": "2018-02-05T14:08:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-02-05T14:08:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-26T20:08:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ejb-client@1.0.40-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-cxf@4.3.7-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.27-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"product": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"product_id": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-25.SP23_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src",
"product": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src",
"product_id": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-20.SP18_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.12-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"product": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"product_id": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-22.SP18_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-ejb-client-0:1.0.40-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ejb-client@1.0.40-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-core@5.2.23-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossws-cxf-0:4.3.7-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-cxf@4.3.7-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossweb-0:7.5.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"product_id": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-25.SP23_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-server-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-picketlink-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-webservices-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-process-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-spi-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-deployers-common-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-jdbc-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-spec-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-impl-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-api-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-validator-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-impl-eap6@1.0.41-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"product_id": "picketlink-federation-0:2.5.4-20.SP18_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-20.SP18_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-version-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-pojo-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-modcluster-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-remoting3-0:3.3.12-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.12-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"product_id": "picketlink-bindings-0:2.5.4-22.SP18_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-22.SP18_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-sar-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-messaging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-bundles-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-domain-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-standalone-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-naming-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-remoting-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-core-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-product-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-threads-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-network-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-transactions-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-weld-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-javadocs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-xts-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-web-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-protocol-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "jbossas-modules-eap-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.19-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src"
},
"product_reference": "hornetq-0:2.3.25-25.SP23_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "infinispan-0:5.2.23-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-cachestore-jdbc-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-cachestore-remote-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-client-hotrod-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-core-0:5.2.23-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-common-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-common-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-common-spi-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-core-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-core-impl-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-deployers-common-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "ironjacamar-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-jdbc-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-spec-api-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-validator-eap6-0:1.0.41-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-appclient-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-cli-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-client-all-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-clustering-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-cmp-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-connector-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-core-security-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-ee-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-embedded-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jdr-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jmx-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jpa-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jsf-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-logging-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-mail-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.19-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0: