Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2017-3163
Vulnerability from cvelistv5
Published
2017-08-30 14:00
Modified
2024-09-16 18:39
Severity ?
EPSS score ?
Summary
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Solr |
Version: 1.4.0 to 5.5.3 Version: 6.0.0 to 6.4.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:16:28.303Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2018:1448", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1448", }, { name: "RHSA-2018:1449", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { name: "RHSA-2018:1450", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { name: "RHSA-2018:1451", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1451", }, { name: "[solr-user] 20170215 [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488%40%3Csolr-user.lucene.apache.org%3E", }, { name: "RHSA-2018:1447", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1447", }, { name: "DSA-4124", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4124", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Apache Solr", vendor: "Apache Software Foundation", versions: [ { status: "affected", version: "1.4.0 to 5.5.3", }, { status: "affected", version: "6.0.0 to 6.4.0", }, ], }, ], datePublic: "2017-02-15T00:00:00", descriptions: [ { lang: "en", value: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-05-16T09:57:01", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { name: "RHSA-2018:1448", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1448", }, { name: "RHSA-2018:1449", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { name: "RHSA-2018:1450", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { name: "RHSA-2018:1451", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1451", }, { name: "[solr-user] 20170215 [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488%40%3Csolr-user.lucene.apache.org%3E", }, { name: "RHSA-2018:1447", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1447", }, { name: "DSA-4124", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2018/dsa-4124", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@apache.org", DATE_PUBLIC: "2017-02-15T00:00:00", ID: "CVE-2017-3163", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Apache Solr", version: { version_data: [ { version_value: "1.4.0 to 5.5.3", }, { version_value: "6.0.0 to 6.4.0", }, ], }, }, ], }, vendor_name: "Apache Software Foundation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2018:1448", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1448", }, { name: "RHSA-2018:1449", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { name: "RHSA-2018:1450", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { name: "RHSA-2018:1451", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1451", }, { name: "[solr-user] 20170215 [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack", refsource: "MLIST", url: "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488@%3Csolr-user.lucene.apache.org%3E", }, { name: "RHSA-2018:1447", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1447", }, { name: "DSA-4124", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4124", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2017-3163", datePublished: "2017-08-30T14:00:00Z", dateReserved: "2016-12-05T00:00:00", dateUpdated: "2024-09-16T18:39:30.795Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2017-3163\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2017-08-30T14:29:00.207\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.\"},{\"lang\":\"es\",\"value\":\"Cuando se usa la característica Index Replication, los nodos Apache Solr pueden tomar archivos index de un nodo master/leader usando una API HTTP que acepta un nombre de archivo. Sin embargo, Solr en versiones anteriores a la 5.5.4 y en versiones 6.x anteriores a la 6.4.1 no valida el nombre de archivo, por lo que fue posible manipular una petición especial que involucre un salto de ruta, dejando expuestos todos los archivos legibles en el proceso de servidor Solr. Los servidores Solr protegidos y restringidos por reglas de firewall y/o autenticación no estarían en riesgo ya que solo los clientes y usuarios de confianza obtendrían acceso HTTP directo.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.5.3\",\"matchCriteriaId\":\"C0CB118A-E405-41E5-B25F-C151B14292A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29F3170C-C5D6-431F-A2DD-692636CF5DAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA339070-A2BD-4559-B400-2BC2EB9923A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B737CF14-C14A-4D97-B838-47EC4A2C68C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"036F935D-B469-47C6-AF5D-3DFC73070753\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42A1A17A-32EA-40A2-9A1E-6019B493B5C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76557E9C-1F16-44D9-ACA1-F4DAEC966F05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE068A02-D47A-4C6C-BFD3-040385599CA5\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1447\",\"source\":\"security@apache.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1448\",\"source\":\"security@apache.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1449\",\"source\":\"security@apache.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1450\",\"source\":\"security@apache.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1451\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4124\",\"source\":\"security@apache.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1447\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1448\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1449\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1450\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1451\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4124\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", }, }
gsd-2017-3163
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.
Aliases
Aliases
{ GSD: { alias: "CVE-2017-3163", description: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", id: "GSD-2017-3163", references: [ "https://www.debian.org/security/2018/dsa-4124", "https://access.redhat.com/errata/RHSA-2018:1451", "https://access.redhat.com/errata/RHSA-2018:1450", "https://access.redhat.com/errata/RHSA-2018:1449", "https://access.redhat.com/errata/RHSA-2018:1448", "https://access.redhat.com/errata/RHSA-2018:1447", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2017-3163", ], details: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", id: "GSD-2017-3163", modified: "2023-12-13T01:21:15.991931Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "security@apache.org", DATE_PUBLIC: "2017-02-15T00:00:00", ID: "CVE-2017-3163", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Apache Solr", version: { version_data: [ { version_value: "1.4.0 to 5.5.3", }, { version_value: "6.0.0 to 6.4.0", }, ], }, }, ], }, vendor_name: "Apache Software Foundation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2018:1448", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1448", }, { name: "RHSA-2018:1449", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { name: "RHSA-2018:1450", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { name: "RHSA-2018:1451", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1451", }, { name: "[solr-user] 20170215 [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack", refsource: "MLIST", url: "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488@%3Csolr-user.lucene.apache.org%3E", }, { name: "RHSA-2018:1447", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1447", }, { name: "DSA-4124", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4124", }, ], }, }, "gitlab.com": { advisories: [ { affected_range: "(,5.5.3],[6.0.0,6.0.1],[6.1.0,6.2.1],[6.3.0,6.4.0]", affected_versions: "All versions up to 5.5.3, all versions starting from 6.0.0 up to 6.0.1, all versions starting from 6.1.0 up to 6.2.1, all versions starting from 6.3.0 up to 6.4.0", credit: "Hrishikesh Gadre of Cloudra Inc.", cvss_v2: "AV:N/AC:L/Au:N/C:P/I:N/A:N", cvss_v3: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", cwe_ids: [ "CWE-1035", "CWE-22", "CWE-937", ], date: "2018-05-17", description: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name Solr does not validate the file name, hence it is possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", fixed_versions: [ "5.5.4", "6.4.1", ], identifier: "CVE-2017-3163", identifiers: [ "CVE-2017-3163", ], not_impacted: "All versions after 5.5.3 before 6.0.0, all versions after 6.0.1 before 6.1.0, all versions after 6.2.1 before 6.3.0, all versions after 6.4.0", package_slug: "maven/org.apache.solr/solr-core", pubdate: "2017-08-30", solution: "Upgrade to versions 5.5.4, 6.4.1 or above.", title: "Path traversal attack", urls: [ "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3163", "https://issues.apache.org/jira/browse/SOLR-10031", ], uuid: "071188ba-0adf-446d-9569-e9acb76bb5ee", }, ], }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:apache:solr:6.3.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:solr:6.4.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:solr:6.2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:solr:6.2.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:solr:6.0.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.5.3", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:solr:6.0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:solr:6.1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "security@apache.org", ID: "CVE-2017-3163", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-22", }, ], }, ], }, references: { reference_data: [ { name: "[solr-user] 20170215 [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack", refsource: "MLIST", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488@%3Csolr-user.lucene.apache.org%3E", }, { name: "DSA-4124", refsource: "DEBIAN", tags: [], url: "https://www.debian.org/security/2018/dsa-4124", }, { name: "RHSA-2018:1451", refsource: "REDHAT", tags: [], url: "https://access.redhat.com/errata/RHSA-2018:1451", }, { name: "RHSA-2018:1450", refsource: "REDHAT", tags: [], url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { name: "RHSA-2018:1449", refsource: "REDHAT", tags: [], url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { name: "RHSA-2018:1448", refsource: "REDHAT", tags: [], url: "https://access.redhat.com/errata/RHSA-2018:1448", }, { name: "RHSA-2018:1447", refsource: "REDHAT", tags: [], url: "https://access.redhat.com/errata/RHSA-2018:1447", }, ], }, }, impact: { baseMetricV2: { cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, }, }, lastModifiedDate: "2018-05-17T01:29Z", publishedDate: "2017-08-30T14:29Z", }, }, }
rhsa-2018:1450
Vulnerability from csaf_redhat
Published
2018-05-14 20:36
Modified
2025-04-09 17:23
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:1450", url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", }, { category: "external", summary: "1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "1559009", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559009", }, { category: "external", summary: "1559012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559012", }, { category: "external", summary: "1559017", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559017", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1450.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update", tracking: { current_release_date: "2025-04-09T17:23:29+00:00", generator: { date: "2025-04-09T17:23:29+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2018:1450", initial_release_date: "2018-05-14T20:36:21+00:00", revision_history: [ { date: "2018-05-14T20:36:21+00:00", number: "1", summary: "Initial version", }, { date: "2018-05-14T20:36:21+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-09T17:23:29+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el5?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el5?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el5?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el5?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_id: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_id: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_id: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_id: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", }, product_reference: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", }, product_reference: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", }, product_reference: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", }, product_reference: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, ], }, vulnerabilities: [ { cve: "CVE-2016-4978", discovery_date: "2016-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1379207", }, ], notes: [ { category: "description", text: "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", title: "Vulnerability description", }, { category: "summary", text: "Artemis: Deserialization of untrusted input vulnerability", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-4978", }, { category: "external", summary: "RHBZ#1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-4978", url: "https://www.cve.org/CVERecord?id=CVE-2016-4978", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", }, ], release_date: "2016-09-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Artemis: Deserialization of untrusted input vulnerability", }, { cve: "CVE-2017-3163", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2017-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1454783", }, ], notes: [ { category: "description", text: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", title: "Vulnerability description", }, { category: "summary", text: "solr: Directory traversal via Index Replication HTTP API", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-3163", }, { category: "external", summary: "RHBZ#1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-3163", url: "https://www.cve.org/CVERecord?id=CVE-2017-3163", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", }, ], release_date: "2017-02-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "solr: Directory traversal via Index Replication HTTP API", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-7525", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2017-06-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1462702", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-7525", }, { category: "external", summary: "RHBZ#1462702", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1462702", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-7525", url: "https://www.cve.org/CVERecord?id=CVE-2017-7525", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-7525", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-7525", }, ], release_date: "2017-07-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-15095", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2017-10-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1506612", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15095", }, { category: "external", summary: "RHBZ#1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15095", url: "https://www.cve.org/CVERecord?id=CVE-2017-15095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", }, { acknowledgments: [ { names: [ "0c0c0f from 360观星实验室", ], }, ], cve: "CVE-2017-17485", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2017-12-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1528565", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-17485", }, { category: "external", summary: "RHBZ#1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-17485", url: "https://www.cve.org/CVERecord?id=CVE-2017-17485", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", }, { cve: "CVE-2018-1304", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2018-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548289", }, ], notes: [ { category: "description", text: "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1304", }, { category: "external", summary: "RHBZ#1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1304", url: "https://www.cve.org/CVERecord?id=CVE-2018-1304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", }, ], release_date: "2018-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", }, { cve: "CVE-2018-7489", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1549276", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-7489", }, { category: "external", summary: "RHBZ#1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-7489", url: "https://www.cve.org/CVERecord?id=CVE-2018-7489", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2018-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { category: "workaround", details: "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", }, { acknowledgments: [ { names: [ "Chris McCown", ], }, ], cve: "CVE-2018-8088", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548909", }, ], notes: [ { category: "description", text: "An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", title: "Vulnerability description", }, { category: "summary", text: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-8088", }, { category: "external", summary: "RHBZ#1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-8088", url: "https://www.cve.org/CVERecord?id=CVE-2018-8088", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", }, ], release_date: "2018-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", }, ], }
rhsa-2018_1449
Vulnerability from csaf_redhat
Published
2018-05-14 20:36
Modified
2025-01-05 18:56
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:1449", url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", }, { category: "external", summary: "1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "1559008", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559008", }, { category: "external", summary: "1559011", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559011", }, { category: "external", summary: "1559016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1449.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update", tracking: { current_release_date: "2025-01-05T18:56:31+00:00", generator: { date: "2025-01-05T18:56:31+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2018:1449", initial_release_date: "2018-05-14T20:36:31+00:00", revision_history: [ { date: "2018-05-14T20:36:31+00:00", number: "1", summary: "Initial version", }, { date: "2018-05-14T20:36:31+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-05T18:56:31+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el6?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el6?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el6?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el6?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_id: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_id: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_id: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_id: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", }, product_reference: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", }, product_reference: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", }, product_reference: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", }, product_reference: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, ], }, vulnerabilities: [ { cve: "CVE-2016-4978", discovery_date: "2016-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1379207", }, ], notes: [ { category: "description", text: "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", title: "Vulnerability description", }, { category: "summary", text: "Artemis: Deserialization of untrusted input vulnerability", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-4978", }, { category: "external", summary: "RHBZ#1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-4978", url: "https://www.cve.org/CVERecord?id=CVE-2016-4978", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", }, ], release_date: "2016-09-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Artemis: Deserialization of untrusted input vulnerability", }, { cve: "CVE-2017-3163", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2017-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1454783", }, ], notes: [ { category: "description", text: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", title: "Vulnerability description", }, { category: "summary", text: "solr: Directory traversal via Index Replication HTTP API", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-3163", }, { category: "external", summary: "RHBZ#1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-3163", url: "https://www.cve.org/CVERecord?id=CVE-2017-3163", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", }, ], release_date: "2017-02-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "solr: Directory traversal via Index Replication HTTP API", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-7525", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2017-06-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1462702", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-7525", }, { category: "external", summary: "RHBZ#1462702", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1462702", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-7525", url: "https://www.cve.org/CVERecord?id=CVE-2017-7525", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-7525", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-7525", }, ], release_date: "2017-07-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-15095", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2017-10-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1506612", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15095", }, { category: "external", summary: "RHBZ#1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15095", url: "https://www.cve.org/CVERecord?id=CVE-2017-15095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", }, { acknowledgments: [ { names: [ "0c0c0f from 360观星实验室", ], }, ], cve: "CVE-2017-17485", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2017-12-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1528565", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-17485", }, { category: "external", summary: "RHBZ#1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-17485", url: "https://www.cve.org/CVERecord?id=CVE-2017-17485", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", }, { cve: "CVE-2018-1304", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2018-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548289", }, ], notes: [ { category: "description", text: "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1304", }, { category: "external", summary: "RHBZ#1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1304", url: "https://www.cve.org/CVERecord?id=CVE-2018-1304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", }, ], release_date: "2018-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", }, { cve: "CVE-2018-7489", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1549276", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-7489", }, { category: "external", summary: "RHBZ#1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-7489", url: "https://www.cve.org/CVERecord?id=CVE-2018-7489", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2018-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { category: "workaround", details: "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", }, { acknowledgments: [ { names: [ "Chris McCown", ], }, ], cve: "CVE-2018-8088", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548909", }, ], notes: [ { category: "description", text: "An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", title: "Vulnerability description", }, { category: "summary", text: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-8088", }, { category: "external", summary: "RHBZ#1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-8088", url: "https://www.cve.org/CVERecord?id=CVE-2018-8088", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", }, ], release_date: "2018-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", }, ], }
rhsa-2018:1448
Vulnerability from csaf_redhat
Published
2018-05-14 20:36
Modified
2025-04-09 17:23
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:1448", url: "https://access.redhat.com/errata/RHSA-2018:1448", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", }, { category: "external", summary: "1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "1559010", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559010", }, { category: "external", summary: "1559013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559013", }, { category: "external", summary: "1559018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559018", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1448.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update", tracking: { current_release_date: "2025-04-09T17:23:43+00:00", generator: { date: "2025-04-09T17:23:43+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2018:1448", initial_release_date: "2018-05-14T20:36:07+00:00", revision_history: [ { date: "2018-05-14T20:36:07+00:00", number: "1", summary: "Initial version", }, { date: "2018-05-14T20:36:07+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-09T17:23:43+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el7?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el7?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el7?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el7?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_id: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_id: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_id: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_id: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", }, product_reference: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", }, product_reference: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", }, product_reference: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", }, product_reference: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, ], }, vulnerabilities: [ { cve: "CVE-2016-4978", discovery_date: "2016-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1379207", }, ], notes: [ { category: "description", text: "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", title: "Vulnerability description", }, { category: "summary", text: "Artemis: Deserialization of untrusted input vulnerability", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-4978", }, { category: "external", summary: "RHBZ#1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-4978", url: "https://www.cve.org/CVERecord?id=CVE-2016-4978", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", }, ], release_date: "2016-09-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Artemis: Deserialization of untrusted input vulnerability", }, { cve: "CVE-2017-3163", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2017-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1454783", }, ], notes: [ { category: "description", text: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", title: "Vulnerability description", }, { category: "summary", text: "solr: Directory traversal via Index Replication HTTP API", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-3163", }, { category: "external", summary: "RHBZ#1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-3163", url: "https://www.cve.org/CVERecord?id=CVE-2017-3163", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", }, ], release_date: "2017-02-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "solr: Directory traversal via Index Replication HTTP API", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-15095", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2017-10-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1506612", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15095", }, { category: "external", summary: "RHBZ#1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15095", url: "https://www.cve.org/CVERecord?id=CVE-2017-15095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", }, { acknowledgments: [ { names: [ "0c0c0f from 360观星实验室", ], }, ], cve: "CVE-2017-17485", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2017-12-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1528565", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-17485", }, { category: "external", summary: "RHBZ#1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-17485", url: "https://www.cve.org/CVERecord?id=CVE-2017-17485", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", }, { cve: "CVE-2018-1304", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2018-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548289", }, ], notes: [ { category: "description", text: "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1304", }, { category: "external", summary: "RHBZ#1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1304", url: "https://www.cve.org/CVERecord?id=CVE-2018-1304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", }, ], release_date: "2018-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", }, { cve: "CVE-2018-7489", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1549276", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-7489", }, { category: "external", summary: "RHBZ#1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-7489", url: "https://www.cve.org/CVERecord?id=CVE-2018-7489", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2018-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, { category: "workaround", details: "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", }, { acknowledgments: [ { names: [ "Chris McCown", ], }, ], cve: "CVE-2018-8088", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548909", }, ], notes: [ { category: "description", text: "An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", title: "Vulnerability description", }, { category: "summary", text: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-8088", }, { category: "external", summary: "RHBZ#1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-8088", url: "https://www.cve.org/CVERecord?id=CVE-2018-8088", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", }, ], release_date: "2018-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", }, ], }
rhsa-2018:1451
Vulnerability from csaf_redhat
Published
2018-05-14 20:51
Modified
2025-04-09 17:23
Summary
Red Hat Security Advisory: eap6-jboss-ec2-eap security update
Notes
Topic
An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise
Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise
Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).
With this update, the jboss-ec2-eap package has been updated to ensure
compatibility with Red Hat JBoss Enterprise Application Platform 6.4.19.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise\nApplication Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise\nApplication Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the jboss-ec2-eap package has been updated to ensure\ncompatibility with Red Hat JBoss Enterprise Application Platform 6.4.19.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:1451", url: "https://access.redhat.com/errata/RHSA-2018:1451", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", }, { category: "external", summary: "1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1451.json", }, ], title: "Red Hat Security Advisory: eap6-jboss-ec2-eap security update", tracking: { current_release_date: "2025-04-09T17:23:50+00:00", generator: { date: "2025-04-09T17:23:50+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2018:1451", initial_release_date: "2018-05-14T20:51:07+00:00", revision_history: [ { date: "2018-05-14T20:51:07+00:00", number: "1", summary: "Initial version", }, { date: "2018-05-14T20:51:07+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-09T17:23:50+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", product: { name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", product_id: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-ec2-eap@7.5.20-1.Final_redhat_1.ep6.el6?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product: { name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product_id: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-ec2-eap@7.5.20-1.Final_redhat_1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product: { name: "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product_id: "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-ec2-eap-samples@7.5.20-1.Final_redhat_1.ep6.el6?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", }, product_reference: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", }, product_reference: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", }, product_reference: "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, ], }, vulnerabilities: [ { cve: "CVE-2016-4978", discovery_date: "2016-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1379207", }, ], notes: [ { category: "description", text: "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", title: "Vulnerability description", }, { category: "summary", text: "Artemis: Deserialization of untrusted input vulnerability", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-4978", }, { category: "external", summary: "RHBZ#1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-4978", url: "https://www.cve.org/CVERecord?id=CVE-2016-4978", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", }, ], release_date: "2016-09-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Artemis: Deserialization of untrusted input vulnerability", }, { cve: "CVE-2017-3163", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2017-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1454783", }, ], notes: [ { category: "description", text: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", title: "Vulnerability description", }, { category: "summary", text: "solr: Directory traversal via Index Replication HTTP API", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-3163", }, { category: "external", summary: "RHBZ#1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-3163", url: "https://www.cve.org/CVERecord?id=CVE-2017-3163", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", }, ], release_date: "2017-02-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "solr: Directory traversal via Index Replication HTTP API", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-15095", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2017-10-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1506612", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15095", }, { category: "external", summary: "RHBZ#1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15095", url: "https://www.cve.org/CVERecord?id=CVE-2017-15095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", }, { acknowledgments: [ { names: [ "0c0c0f from 360观星实验室", ], }, ], cve: "CVE-2017-17485", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2017-12-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1528565", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-17485", }, { category: "external", summary: "RHBZ#1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-17485", url: "https://www.cve.org/CVERecord?id=CVE-2017-17485", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", }, { cve: "CVE-2018-1304", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2018-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548289", }, ], notes: [ { category: "description", text: "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1304", }, { category: "external", summary: "RHBZ#1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1304", url: "https://www.cve.org/CVERecord?id=CVE-2018-1304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", }, ], release_date: "2018-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", }, { cve: "CVE-2018-7489", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1549276", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-7489", }, { category: "external", summary: "RHBZ#1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-7489", url: "https://www.cve.org/CVERecord?id=CVE-2018-7489", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2018-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, { category: "workaround", details: "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", }, { acknowledgments: [ { names: [ "Chris McCown", ], }, ], cve: "CVE-2018-8088", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548909", }, ], notes: [ { category: "description", text: "An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", title: "Vulnerability description", }, { category: "summary", text: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-8088", }, { category: "external", summary: "RHBZ#1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-8088", url: "https://www.cve.org/CVERecord?id=CVE-2018-8088", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", }, ], release_date: "2018-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", }, ], }
rhsa-2018_1448
Vulnerability from csaf_redhat
Published
2018-05-14 20:36
Modified
2025-01-05 18:56
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:1448", url: "https://access.redhat.com/errata/RHSA-2018:1448", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", }, { category: "external", summary: "1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "1559010", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559010", }, { category: "external", summary: "1559013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559013", }, { category: "external", summary: "1559018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559018", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1448.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update", tracking: { current_release_date: "2025-01-05T18:56:38+00:00", generator: { date: "2025-01-05T18:56:38+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2018:1448", initial_release_date: "2018-05-14T20:36:07+00:00", revision_history: [ { date: "2018-05-14T20:36:07+00:00", number: "1", summary: "Initial version", }, { date: "2018-05-14T20:36:07+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-05T18:56:38+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el7?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el7?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el7?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el7?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_id: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_id: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_id: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_id: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", }, product_reference: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", }, product_reference: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", }, product_reference: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", }, product_reference: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, ], }, vulnerabilities: [ { cve: "CVE-2016-4978", discovery_date: "2016-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1379207", }, ], notes: [ { category: "description", text: "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", title: "Vulnerability description", }, { category: "summary", text: "Artemis: Deserialization of untrusted input vulnerability", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-4978", }, { category: "external", summary: "RHBZ#1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-4978", url: "https://www.cve.org/CVERecord?id=CVE-2016-4978", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", }, ], release_date: "2016-09-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Artemis: Deserialization of untrusted input vulnerability", }, { cve: "CVE-2017-3163", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2017-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1454783", }, ], notes: [ { category: "description", text: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", title: "Vulnerability description", }, { category: "summary", text: "solr: Directory traversal via Index Replication HTTP API", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-3163", }, { category: "external", summary: "RHBZ#1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-3163", url: "https://www.cve.org/CVERecord?id=CVE-2017-3163", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", }, ], release_date: "2017-02-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "solr: Directory traversal via Index Replication HTTP API", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-15095", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2017-10-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1506612", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15095", }, { category: "external", summary: "RHBZ#1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15095", url: "https://www.cve.org/CVERecord?id=CVE-2017-15095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", }, { acknowledgments: [ { names: [ "0c0c0f from 360观星实验室", ], }, ], cve: "CVE-2017-17485", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2017-12-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1528565", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-17485", }, { category: "external", summary: "RHBZ#1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-17485", url: "https://www.cve.org/CVERecord?id=CVE-2017-17485", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", }, { cve: "CVE-2018-1304", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2018-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548289", }, ], notes: [ { category: "description", text: "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1304", }, { category: "external", summary: "RHBZ#1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1304", url: "https://www.cve.org/CVERecord?id=CVE-2018-1304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", }, ], release_date: "2018-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", }, { cve: "CVE-2018-7489", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1549276", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-7489", }, { category: "external", summary: "RHBZ#1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-7489", url: "https://www.cve.org/CVERecord?id=CVE-2018-7489", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2018-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, { category: "workaround", details: "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", }, { acknowledgments: [ { names: [ "Chris McCown", ], }, ], cve: "CVE-2018-8088", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548909", }, ], notes: [ { category: "description", text: "An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", title: "Vulnerability description", }, { category: "summary", text: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-8088", }, { category: "external", summary: "RHBZ#1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-8088", url: "https://www.cve.org/CVERecord?id=CVE-2018-8088", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", }, ], release_date: "2018-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", }, ], }
rhsa-2018_1447
Vulnerability from csaf_redhat
Published
2018-05-14 20:15
Modified
2025-01-05 18:56
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
Updated packages that provide Red Hat JBoss Enterprise Application Platform
6.4.20, fixes several bugs, and adds various enhancements are now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated packages that provide Red Hat JBoss Enterprise Application Platform\n6.4.20, fixes several bugs, and adds various enhancements are now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:1447", url: "https://access.redhat.com/errata/RHSA-2018:1447", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=6.4", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=6.4", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", }, { category: "external", summary: "1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1447.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update", tracking: { current_release_date: "2025-01-05T18:56:51+00:00", generator: { date: "2025-01-05T18:56:51+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2018:1447", initial_release_date: "2018-05-14T20:15:33+00:00", revision_history: [ { date: "2018-05-14T20:15:33+00:00", number: "1", summary: "Initial version", }, { date: "2018-05-14T20:15:33+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-05T18:56:51+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.4", product: { name: "Red Hat JBoss Enterprise Application Platform 6.4", product_id: "Red Hat JBoss Enterprise Application Platform 6.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6.4", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2016-4978", discovery_date: "2016-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1379207", }, ], notes: [ { category: "description", text: "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", title: "Vulnerability description", }, { category: "summary", text: "Artemis: Deserialization of untrusted input vulnerability", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-4978", }, { category: "external", summary: "RHBZ#1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-4978", url: "https://www.cve.org/CVERecord?id=CVE-2016-4978", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", }, ], release_date: "2016-09-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Artemis: Deserialization of untrusted input vulnerability", }, { cve: "CVE-2017-3163", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2017-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1454783", }, ], notes: [ { category: "description", text: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", title: "Vulnerability description", }, { category: "summary", text: "solr: Directory traversal via Index Replication HTTP API", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-3163", }, { category: "external", summary: "RHBZ#1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-3163", url: "https://www.cve.org/CVERecord?id=CVE-2017-3163", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", }, ], release_date: "2017-02-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "solr: Directory traversal via Index Replication HTTP API", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-15095", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2017-10-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1506612", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15095", }, { category: "external", summary: "RHBZ#1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15095", url: "https://www.cve.org/CVERecord?id=CVE-2017-15095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", }, { acknowledgments: [ { names: [ "0c0c0f from 360观星实验室", ], }, ], cve: "CVE-2017-17485", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2017-12-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1528565", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-17485", }, { category: "external", summary: "RHBZ#1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-17485", url: "https://www.cve.org/CVERecord?id=CVE-2017-17485", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", }, { cve: "CVE-2018-1304", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2018-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548289", }, ], notes: [ { category: "description", text: "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1304", }, { category: "external", summary: "RHBZ#1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1304", url: "https://www.cve.org/CVERecord?id=CVE-2018-1304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", }, ], release_date: "2018-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", }, { cve: "CVE-2018-7489", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1549276", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-7489", }, { category: "external", summary: "RHBZ#1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-7489", url: "https://www.cve.org/CVERecord?id=CVE-2018-7489", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2018-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, { category: "workaround", details: "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", }, { acknowledgments: [ { names: [ "Chris McCown", ], }, ], cve: "CVE-2018-8088", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548909", }, ], notes: [ { category: "description", text: "An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", title: "Vulnerability description", }, { category: "summary", text: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-8088", }, { category: "external", summary: "RHBZ#1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-8088", url: "https://www.cve.org/CVERecord?id=CVE-2018-8088", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", }, ], release_date: "2018-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", }, ], }
rhsa-2018:1449
Vulnerability from csaf_redhat
Published
2018-05-14 20:36
Modified
2025-04-09 17:23
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:1449", url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", }, { category: "external", summary: "1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "1559008", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559008", }, { category: "external", summary: "1559011", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559011", }, { category: "external", summary: "1559016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1449.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update", tracking: { current_release_date: "2025-04-09T17:23:35+00:00", generator: { date: "2025-04-09T17:23:35+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2018:1449", initial_release_date: "2018-05-14T20:36:31+00:00", revision_history: [ { date: "2018-05-14T20:36:31+00:00", number: "1", summary: "Initial version", }, { date: "2018-05-14T20:36:31+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-09T17:23:35+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el6?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el6?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el6?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el6?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_id: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_id: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_id: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_id: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", }, product_reference: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", }, product_reference: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", }, product_reference: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", }, product_reference: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, ], }, vulnerabilities: [ { cve: "CVE-2016-4978", discovery_date: "2016-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1379207", }, ], notes: [ { category: "description", text: "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", title: "Vulnerability description", }, { category: "summary", text: "Artemis: Deserialization of untrusted input vulnerability", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-4978", }, { category: "external", summary: "RHBZ#1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-4978", url: "https://www.cve.org/CVERecord?id=CVE-2016-4978", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", }, ], release_date: "2016-09-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Artemis: Deserialization of untrusted input vulnerability", }, { cve: "CVE-2017-3163", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2017-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1454783", }, ], notes: [ { category: "description", text: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", title: "Vulnerability description", }, { category: "summary", text: "solr: Directory traversal via Index Replication HTTP API", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-3163", }, { category: "external", summary: "RHBZ#1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-3163", url: "https://www.cve.org/CVERecord?id=CVE-2017-3163", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", }, ], release_date: "2017-02-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "solr: Directory traversal via Index Replication HTTP API", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-7525", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2017-06-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1462702", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-7525", }, { category: "external", summary: "RHBZ#1462702", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1462702", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-7525", url: "https://www.cve.org/CVERecord?id=CVE-2017-7525", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-7525", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-7525", }, ], release_date: "2017-07-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-15095", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2017-10-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1506612", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15095", }, { category: "external", summary: "RHBZ#1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15095", url: "https://www.cve.org/CVERecord?id=CVE-2017-15095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", }, { acknowledgments: [ { names: [ "0c0c0f from 360观星实验室", ], }, ], cve: "CVE-2017-17485", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2017-12-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1528565", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-17485", }, { category: "external", summary: "RHBZ#1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-17485", url: "https://www.cve.org/CVERecord?id=CVE-2017-17485", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", }, { cve: "CVE-2018-1304", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2018-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548289", }, ], notes: [ { category: "description", text: "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1304", }, { category: "external", summary: "RHBZ#1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1304", url: "https://www.cve.org/CVERecord?id=CVE-2018-1304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", }, ], release_date: "2018-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", }, { cve: "CVE-2018-7489", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1549276", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-7489", }, { category: "external", summary: "RHBZ#1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-7489", url: "https://www.cve.org/CVERecord?id=CVE-2018-7489", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2018-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { category: "workaround", details: "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", }, { acknowledgments: [ { names: [ "Chris McCown", ], }, ], cve: "CVE-2018-8088", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548909", }, ], notes: [ { category: "description", text: "An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", title: "Vulnerability description", }, { category: "summary", text: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-8088", }, { category: "external", summary: "RHBZ#1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-8088", url: "https://www.cve.org/CVERecord?id=CVE-2018-8088", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", }, ], release_date: "2018-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", }, ], }
rhsa-2018_1451
Vulnerability from csaf_redhat
Published
2018-05-14 20:51
Modified
2025-01-05 18:56
Summary
Red Hat Security Advisory: eap6-jboss-ec2-eap security update
Notes
Topic
An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise
Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise
Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).
With this update, the jboss-ec2-eap package has been updated to ensure
compatibility with Red Hat JBoss Enterprise Application Platform 6.4.19.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise\nApplication Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise\nApplication Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the jboss-ec2-eap package has been updated to ensure\ncompatibility with Red Hat JBoss Enterprise Application Platform 6.4.19.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:1451", url: "https://access.redhat.com/errata/RHSA-2018:1451", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", }, { category: "external", summary: "1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1451.json", }, ], title: "Red Hat Security Advisory: eap6-jboss-ec2-eap security update", tracking: { current_release_date: "2025-01-05T18:56:45+00:00", generator: { date: "2025-01-05T18:56:45+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2018:1451", initial_release_date: "2018-05-14T20:51:07+00:00", revision_history: [ { date: "2018-05-14T20:51:07+00:00", number: "1", summary: "Initial version", }, { date: "2018-05-14T20:51:07+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-05T18:56:45+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", product: { name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", product_id: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-ec2-eap@7.5.20-1.Final_redhat_1.ep6.el6?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product: { name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product_id: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-ec2-eap@7.5.20-1.Final_redhat_1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product: { name: "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product_id: "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-ec2-eap-samples@7.5.20-1.Final_redhat_1.ep6.el6?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", }, product_reference: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", }, product_reference: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", }, product_reference: "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, ], }, vulnerabilities: [ { cve: "CVE-2016-4978", discovery_date: "2016-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1379207", }, ], notes: [ { category: "description", text: "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", title: "Vulnerability description", }, { category: "summary", text: "Artemis: Deserialization of untrusted input vulnerability", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-4978", }, { category: "external", summary: "RHBZ#1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-4978", url: "https://www.cve.org/CVERecord?id=CVE-2016-4978", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", }, ], release_date: "2016-09-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Artemis: Deserialization of untrusted input vulnerability", }, { cve: "CVE-2017-3163", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2017-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1454783", }, ], notes: [ { category: "description", text: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", title: "Vulnerability description", }, { category: "summary", text: "solr: Directory traversal via Index Replication HTTP API", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-3163", }, { category: "external", summary: "RHBZ#1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-3163", url: "https://www.cve.org/CVERecord?id=CVE-2017-3163", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", }, ], release_date: "2017-02-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "solr: Directory traversal via Index Replication HTTP API", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-15095", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2017-10-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1506612", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15095", }, { category: "external", summary: "RHBZ#1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15095", url: "https://www.cve.org/CVERecord?id=CVE-2017-15095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", }, { acknowledgments: [ { names: [ "0c0c0f from 360观星实验室", ], }, ], cve: "CVE-2017-17485", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2017-12-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1528565", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-17485", }, { category: "external", summary: "RHBZ#1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-17485", url: "https://www.cve.org/CVERecord?id=CVE-2017-17485", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", }, { cve: "CVE-2018-1304", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2018-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548289", }, ], notes: [ { category: "description", text: "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1304", }, { category: "external", summary: "RHBZ#1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1304", url: "https://www.cve.org/CVERecord?id=CVE-2018-1304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", }, ], release_date: "2018-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", }, { cve: "CVE-2018-7489", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1549276", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-7489", }, { category: "external", summary: "RHBZ#1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-7489", url: "https://www.cve.org/CVERecord?id=CVE-2018-7489", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2018-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, { category: "workaround", details: "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", }, { acknowledgments: [ { names: [ "Chris McCown", ], }, ], cve: "CVE-2018-8088", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548909", }, ], notes: [ { category: "description", text: "An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", title: "Vulnerability description", }, { category: "summary", text: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-8088", }, { category: "external", summary: "RHBZ#1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-8088", url: "https://www.cve.org/CVERecord?id=CVE-2018-8088", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", }, ], release_date: "2018-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", }, ], }
RHSA-2018:1448
Vulnerability from csaf_redhat
Published
2018-05-14 20:36
Modified
2025-04-09 17:23
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:1448", url: "https://access.redhat.com/errata/RHSA-2018:1448", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", }, { category: "external", summary: "1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "1559010", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559010", }, { category: "external", summary: "1559013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559013", }, { category: "external", summary: "1559018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559018", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1448.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update", tracking: { current_release_date: "2025-04-09T17:23:43+00:00", generator: { date: "2025-04-09T17:23:43+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2018:1448", initial_release_date: "2018-05-14T20:36:07+00:00", revision_history: [ { date: "2018-05-14T20:36:07+00:00", number: "1", summary: "Initial version", }, { date: "2018-05-14T20:36:07+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-09T17:23:43+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el7?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el7?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el7?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el7?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_id: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_id: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_id: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_id: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", }, product_reference: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", }, product_reference: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", }, product_reference: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", }, product_reference: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", product_id: "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", relates_to_product_reference: "7Server-JBEAP-6.4", }, ], }, vulnerabilities: [ { cve: "CVE-2016-4978", discovery_date: "2016-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1379207", }, ], notes: [ { category: "description", text: "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", title: "Vulnerability description", }, { category: "summary", text: "Artemis: Deserialization of untrusted input vulnerability", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-4978", }, { category: "external", summary: "RHBZ#1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-4978", url: "https://www.cve.org/CVERecord?id=CVE-2016-4978", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", }, ], release_date: "2016-09-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Artemis: Deserialization of untrusted input vulnerability", }, { cve: "CVE-2017-3163", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2017-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1454783", }, ], notes: [ { category: "description", text: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", title: "Vulnerability description", }, { category: "summary", text: "solr: Directory traversal via Index Replication HTTP API", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-3163", }, { category: "external", summary: "RHBZ#1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-3163", url: "https://www.cve.org/CVERecord?id=CVE-2017-3163", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", }, ], release_date: "2017-02-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "solr: Directory traversal via Index Replication HTTP API", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-15095", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2017-10-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1506612", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15095", }, { category: "external", summary: "RHBZ#1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15095", url: "https://www.cve.org/CVERecord?id=CVE-2017-15095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", }, { acknowledgments: [ { names: [ "0c0c0f from 360观星实验室", ], }, ], cve: "CVE-2017-17485", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2017-12-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1528565", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-17485", }, { category: "external", summary: "RHBZ#1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-17485", url: "https://www.cve.org/CVERecord?id=CVE-2017-17485", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", }, { cve: "CVE-2018-1304", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2018-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548289", }, ], notes: [ { category: "description", text: "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1304", }, { category: "external", summary: "RHBZ#1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1304", url: "https://www.cve.org/CVERecord?id=CVE-2018-1304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", }, ], release_date: "2018-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", }, { cve: "CVE-2018-7489", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1549276", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-7489", }, { category: "external", summary: "RHBZ#1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-7489", url: "https://www.cve.org/CVERecord?id=CVE-2018-7489", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2018-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, { category: "workaround", details: "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", }, { acknowledgments: [ { names: [ "Chris McCown", ], }, ], cve: "CVE-2018-8088", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548909", }, ], notes: [ { category: "description", text: "An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", title: "Vulnerability description", }, { category: "summary", text: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-8088", }, { category: "external", summary: "RHBZ#1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-8088", url: "https://www.cve.org/CVERecord?id=CVE-2018-8088", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", }, ], release_date: "2018-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1448", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", }, ], }
RHSA-2018:1449
Vulnerability from csaf_redhat
Published
2018-05-14 20:36
Modified
2025-04-09 17:23
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:1449", url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", }, { category: "external", summary: "1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "1559008", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559008", }, { category: "external", summary: "1559011", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559011", }, { category: "external", summary: "1559016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1449.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update", tracking: { current_release_date: "2025-04-09T17:23:35+00:00", generator: { date: "2025-04-09T17:23:35+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2018:1449", initial_release_date: "2018-05-14T20:36:31+00:00", revision_history: [ { date: "2018-05-14T20:36:31+00:00", number: "1", summary: "Initial version", }, { date: "2018-05-14T20:36:31+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-09T17:23:35+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el6?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el6?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el6?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el6?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_id: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_id: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_id: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_id: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", }, product_reference: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", }, product_reference: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", }, product_reference: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", }, product_reference: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, ], }, vulnerabilities: [ { cve: "CVE-2016-4978", discovery_date: "2016-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1379207", }, ], notes: [ { category: "description", text: "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", title: "Vulnerability description", }, { category: "summary", text: "Artemis: Deserialization of untrusted input vulnerability", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-4978", }, { category: "external", summary: "RHBZ#1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-4978", url: "https://www.cve.org/CVERecord?id=CVE-2016-4978", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", }, ], release_date: "2016-09-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Artemis: Deserialization of untrusted input vulnerability", }, { cve: "CVE-2017-3163", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2017-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1454783", }, ], notes: [ { category: "description", text: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", title: "Vulnerability description", }, { category: "summary", text: "solr: Directory traversal via Index Replication HTTP API", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-3163", }, { category: "external", summary: "RHBZ#1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-3163", url: "https://www.cve.org/CVERecord?id=CVE-2017-3163", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", }, ], release_date: "2017-02-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "solr: Directory traversal via Index Replication HTTP API", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-7525", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2017-06-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1462702", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-7525", }, { category: "external", summary: "RHBZ#1462702", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1462702", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-7525", url: "https://www.cve.org/CVERecord?id=CVE-2017-7525", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-7525", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-7525", }, ], release_date: "2017-07-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-15095", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2017-10-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1506612", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15095", }, { category: "external", summary: "RHBZ#1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15095", url: "https://www.cve.org/CVERecord?id=CVE-2017-15095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", }, { acknowledgments: [ { names: [ "0c0c0f from 360观星实验室", ], }, ], cve: "CVE-2017-17485", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2017-12-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1528565", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-17485", }, { category: "external", summary: "RHBZ#1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-17485", url: "https://www.cve.org/CVERecord?id=CVE-2017-17485", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", }, { cve: "CVE-2018-1304", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2018-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548289", }, ], notes: [ { category: "description", text: "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1304", }, { category: "external", summary: "RHBZ#1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1304", url: "https://www.cve.org/CVERecord?id=CVE-2018-1304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", }, ], release_date: "2018-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", }, { cve: "CVE-2018-7489", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1549276", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-7489", }, { category: "external", summary: "RHBZ#1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-7489", url: "https://www.cve.org/CVERecord?id=CVE-2018-7489", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2018-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { category: "workaround", details: "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", }, { acknowledgments: [ { names: [ "Chris McCown", ], }, ], cve: "CVE-2018-8088", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548909", }, ], notes: [ { category: "description", text: "An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", title: "Vulnerability description", }, { category: "summary", text: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-8088", }, { category: "external", summary: "RHBZ#1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-8088", url: "https://www.cve.org/CVERecord?id=CVE-2018-8088", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", }, ], release_date: "2018-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:31+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1449", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", }, ], }
rhsa-2018_1450
Vulnerability from csaf_redhat
Published
2018-05-14 20:36
Modified
2025-01-05 18:56
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:1450", url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", }, { category: "external", summary: "1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "1559009", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559009", }, { category: "external", summary: "1559012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559012", }, { category: "external", summary: "1559017", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559017", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1450.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update", tracking: { current_release_date: "2025-01-05T18:56:25+00:00", generator: { date: "2025-01-05T18:56:25+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2018:1450", initial_release_date: "2018-05-14T20:36:21+00:00", revision_history: [ { date: "2018-05-14T20:36:21+00:00", number: "1", summary: "Initial version", }, { date: "2018-05-14T20:36:21+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-05T18:56:25+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el5?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el5?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el5?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el5?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_id: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_id: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_id: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_id: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", }, product_reference: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", }, product_reference: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", }, product_reference: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", }, product_reference: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, ], }, vulnerabilities: [ { cve: "CVE-2016-4978", discovery_date: "2016-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1379207", }, ], notes: [ { category: "description", text: "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", title: "Vulnerability description", }, { category: "summary", text: "Artemis: Deserialization of untrusted input vulnerability", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-4978", }, { category: "external", summary: "RHBZ#1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-4978", url: "https://www.cve.org/CVERecord?id=CVE-2016-4978", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", }, ], release_date: "2016-09-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Artemis: Deserialization of untrusted input vulnerability", }, { cve: "CVE-2017-3163", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2017-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1454783", }, ], notes: [ { category: "description", text: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", title: "Vulnerability description", }, { category: "summary", text: "solr: Directory traversal via Index Replication HTTP API", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-3163", }, { category: "external", summary: "RHBZ#1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-3163", url: "https://www.cve.org/CVERecord?id=CVE-2017-3163", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", }, ], release_date: "2017-02-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "solr: Directory traversal via Index Replication HTTP API", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-7525", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2017-06-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1462702", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-7525", }, { category: "external", summary: "RHBZ#1462702", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1462702", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-7525", url: "https://www.cve.org/CVERecord?id=CVE-2017-7525", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-7525", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-7525", }, ], release_date: "2017-07-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-15095", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2017-10-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1506612", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15095", }, { category: "external", summary: "RHBZ#1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15095", url: "https://www.cve.org/CVERecord?id=CVE-2017-15095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", }, { acknowledgments: [ { names: [ "0c0c0f from 360观星实验室", ], }, ], cve: "CVE-2017-17485", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2017-12-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1528565", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-17485", }, { category: "external", summary: "RHBZ#1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-17485", url: "https://www.cve.org/CVERecord?id=CVE-2017-17485", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", }, { cve: "CVE-2018-1304", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2018-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548289", }, ], notes: [ { category: "description", text: "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1304", }, { category: "external", summary: "RHBZ#1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1304", url: "https://www.cve.org/CVERecord?id=CVE-2018-1304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", }, ], release_date: "2018-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", }, { cve: "CVE-2018-7489", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1549276", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-7489", }, { category: "external", summary: "RHBZ#1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-7489", url: "https://www.cve.org/CVERecord?id=CVE-2018-7489", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2018-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { category: "workaround", details: "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", }, { acknowledgments: [ { names: [ "Chris McCown", ], }, ], cve: "CVE-2018-8088", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548909", }, ], notes: [ { category: "description", text: "An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", title: "Vulnerability description", }, { category: "summary", text: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-8088", }, { category: "external", summary: "RHBZ#1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-8088", url: "https://www.cve.org/CVERecord?id=CVE-2018-8088", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", }, ], release_date: "2018-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", }, ], }
RHSA-2018:1450
Vulnerability from csaf_redhat
Published
2018-05-14 20:36
Modified
2025-04-09 17:23
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:1450", url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", }, { category: "external", summary: "1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "1559009", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559009", }, { category: "external", summary: "1559012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559012", }, { category: "external", summary: "1559017", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1559017", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1450.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update", tracking: { current_release_date: "2025-04-09T17:23:29+00:00", generator: { date: "2025-04-09T17:23:29+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2018:1450", initial_release_date: "2018-05-14T20:36:21+00:00", revision_history: [ { date: "2018-05-14T20:36:21+00:00", number: "1", summary: "Initial version", }, { date: "2018-05-14T20:36:21+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-09T17:23:29+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el5?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el5?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el5?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el5?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", product: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", product_id: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", product: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", product_id: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_id: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_id: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_id: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_id: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_id: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_id: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", }, product_reference: "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", }, product_reference: "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", }, product_reference: "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", }, product_reference: "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", }, product_reference: "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", }, product_reference: "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", }, product_reference: "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", product_id: "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", }, product_reference: "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", relates_to_product_reference: "5Server-JBEAP-6.4", }, ], }, vulnerabilities: [ { cve: "CVE-2016-4978", discovery_date: "2016-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1379207", }, ], notes: [ { category: "description", text: "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", title: "Vulnerability description", }, { category: "summary", text: "Artemis: Deserialization of untrusted input vulnerability", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-4978", }, { category: "external", summary: "RHBZ#1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-4978", url: "https://www.cve.org/CVERecord?id=CVE-2016-4978", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", }, ], release_date: "2016-09-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Artemis: Deserialization of untrusted input vulnerability", }, { cve: "CVE-2017-3163", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2017-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1454783", }, ], notes: [ { category: "description", text: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", title: "Vulnerability description", }, { category: "summary", text: "solr: Directory traversal via Index Replication HTTP API", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-3163", }, { category: "external", summary: "RHBZ#1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-3163", url: "https://www.cve.org/CVERecord?id=CVE-2017-3163", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", }, ], release_date: "2017-02-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "solr: Directory traversal via Index Replication HTTP API", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-7525", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2017-06-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1462702", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-7525", }, { category: "external", summary: "RHBZ#1462702", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1462702", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-7525", url: "https://www.cve.org/CVERecord?id=CVE-2017-7525", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-7525", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-7525", }, ], release_date: "2017-07-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-15095", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2017-10-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1506612", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15095", }, { category: "external", summary: "RHBZ#1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15095", url: "https://www.cve.org/CVERecord?id=CVE-2017-15095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", }, { acknowledgments: [ { names: [ "0c0c0f from 360观星实验室", ], }, ], cve: "CVE-2017-17485", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2017-12-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1528565", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-17485", }, { category: "external", summary: "RHBZ#1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-17485", url: "https://www.cve.org/CVERecord?id=CVE-2017-17485", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", }, { cve: "CVE-2018-1304", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2018-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548289", }, ], notes: [ { category: "description", text: "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1304", }, { category: "external", summary: "RHBZ#1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1304", url: "https://www.cve.org/CVERecord?id=CVE-2018-1304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", }, ], release_date: "2018-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", }, { cve: "CVE-2018-7489", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1549276", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-7489", }, { category: "external", summary: "RHBZ#1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-7489", url: "https://www.cve.org/CVERecord?id=CVE-2018-7489", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2018-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { category: "workaround", details: "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", }, { acknowledgments: [ { names: [ "Chris McCown", ], }, ], cve: "CVE-2018-8088", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548909", }, ], notes: [ { category: "description", text: "An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", title: "Vulnerability description", }, { category: "summary", text: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-8088", }, { category: "external", summary: "RHBZ#1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-8088", url: "https://www.cve.org/CVERecord?id=CVE-2018-8088", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", }, ], release_date: "2018-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:36:21+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1450", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", }, ], }
RHSA-2018:1447
Vulnerability from csaf_redhat
Published
2018-05-14 20:15
Modified
2025-04-09 17:23
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
Updated packages that provide Red Hat JBoss Enterprise Application Platform
6.4.20, fixes several bugs, and adds various enhancements are now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated packages that provide Red Hat JBoss Enterprise Application Platform\n6.4.20, fixes several bugs, and adds various enhancements are now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:1447", url: "https://access.redhat.com/errata/RHSA-2018:1447", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=6.4", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=6.4", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", }, { category: "external", summary: "1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1447.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update", tracking: { current_release_date: "2025-04-09T17:23:56+00:00", generator: { date: "2025-04-09T17:23:56+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2018:1447", initial_release_date: "2018-05-14T20:15:33+00:00", revision_history: [ { date: "2018-05-14T20:15:33+00:00", number: "1", summary: "Initial version", }, { date: "2018-05-14T20:15:33+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-09T17:23:56+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.4", product: { name: "Red Hat JBoss Enterprise Application Platform 6.4", product_id: "Red Hat JBoss Enterprise Application Platform 6.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6.4", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2016-4978", discovery_date: "2016-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1379207", }, ], notes: [ { category: "description", text: "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", title: "Vulnerability description", }, { category: "summary", text: "Artemis: Deserialization of untrusted input vulnerability", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-4978", }, { category: "external", summary: "RHBZ#1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-4978", url: "https://www.cve.org/CVERecord?id=CVE-2016-4978", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", }, ], release_date: "2016-09-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Artemis: Deserialization of untrusted input vulnerability", }, { cve: "CVE-2017-3163", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2017-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1454783", }, ], notes: [ { category: "description", text: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", title: "Vulnerability description", }, { category: "summary", text: "solr: Directory traversal via Index Replication HTTP API", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-3163", }, { category: "external", summary: "RHBZ#1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-3163", url: "https://www.cve.org/CVERecord?id=CVE-2017-3163", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", }, ], release_date: "2017-02-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "solr: Directory traversal via Index Replication HTTP API", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-15095", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2017-10-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1506612", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15095", }, { category: "external", summary: "RHBZ#1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15095", url: "https://www.cve.org/CVERecord?id=CVE-2017-15095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", }, { acknowledgments: [ { names: [ "0c0c0f from 360观星实验室", ], }, ], cve: "CVE-2017-17485", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2017-12-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1528565", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-17485", }, { category: "external", summary: "RHBZ#1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-17485", url: "https://www.cve.org/CVERecord?id=CVE-2017-17485", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", }, { cve: "CVE-2018-1304", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2018-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548289", }, ], notes: [ { category: "description", text: "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1304", }, { category: "external", summary: "RHBZ#1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1304", url: "https://www.cve.org/CVERecord?id=CVE-2018-1304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", }, ], release_date: "2018-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", }, { cve: "CVE-2018-7489", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1549276", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-7489", }, { category: "external", summary: "RHBZ#1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-7489", url: "https://www.cve.org/CVERecord?id=CVE-2018-7489", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2018-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, { category: "workaround", details: "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", }, { acknowledgments: [ { names: [ "Chris McCown", ], }, ], cve: "CVE-2018-8088", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548909", }, ], notes: [ { category: "description", text: "An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", title: "Vulnerability description", }, { category: "summary", text: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-8088", }, { category: "external", summary: "RHBZ#1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-8088", url: "https://www.cve.org/CVERecord?id=CVE-2018-8088", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", }, ], release_date: "2018-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", }, ], }
rhsa-2018:1447
Vulnerability from csaf_redhat
Published
2018-05-14 20:15
Modified
2025-04-09 17:23
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
Updated packages that provide Red Hat JBoss Enterprise Application Platform
6.4.20, fixes several bugs, and adds various enhancements are now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated packages that provide Red Hat JBoss Enterprise Application Platform\n6.4.20, fixes several bugs, and adds various enhancements are now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:1447", url: "https://access.redhat.com/errata/RHSA-2018:1447", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=6.4", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=6.4", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", }, { category: "external", summary: "1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1447.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update", tracking: { current_release_date: "2025-04-09T17:23:56+00:00", generator: { date: "2025-04-09T17:23:56+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2018:1447", initial_release_date: "2018-05-14T20:15:33+00:00", revision_history: [ { date: "2018-05-14T20:15:33+00:00", number: "1", summary: "Initial version", }, { date: "2018-05-14T20:15:33+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-09T17:23:56+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.4", product: { name: "Red Hat JBoss Enterprise Application Platform 6.4", product_id: "Red Hat JBoss Enterprise Application Platform 6.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6.4", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2016-4978", discovery_date: "2016-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1379207", }, ], notes: [ { category: "description", text: "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", title: "Vulnerability description", }, { category: "summary", text: "Artemis: Deserialization of untrusted input vulnerability", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-4978", }, { category: "external", summary: "RHBZ#1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-4978", url: "https://www.cve.org/CVERecord?id=CVE-2016-4978", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", }, ], release_date: "2016-09-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Artemis: Deserialization of untrusted input vulnerability", }, { cve: "CVE-2017-3163", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2017-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1454783", }, ], notes: [ { category: "description", text: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", title: "Vulnerability description", }, { category: "summary", text: "solr: Directory traversal via Index Replication HTTP API", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-3163", }, { category: "external", summary: "RHBZ#1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-3163", url: "https://www.cve.org/CVERecord?id=CVE-2017-3163", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", }, ], release_date: "2017-02-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "solr: Directory traversal via Index Replication HTTP API", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-15095", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2017-10-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1506612", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15095", }, { category: "external", summary: "RHBZ#1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15095", url: "https://www.cve.org/CVERecord?id=CVE-2017-15095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", }, { acknowledgments: [ { names: [ "0c0c0f from 360观星实验室", ], }, ], cve: "CVE-2017-17485", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2017-12-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1528565", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-17485", }, { category: "external", summary: "RHBZ#1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-17485", url: "https://www.cve.org/CVERecord?id=CVE-2017-17485", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", }, { cve: "CVE-2018-1304", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2018-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548289", }, ], notes: [ { category: "description", text: "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1304", }, { category: "external", summary: "RHBZ#1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1304", url: "https://www.cve.org/CVERecord?id=CVE-2018-1304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", }, ], release_date: "2018-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", }, { cve: "CVE-2018-7489", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1549276", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-7489", }, { category: "external", summary: "RHBZ#1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-7489", url: "https://www.cve.org/CVERecord?id=CVE-2018-7489", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2018-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, { category: "workaround", details: "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", }, { acknowledgments: [ { names: [ "Chris McCown", ], }, ], cve: "CVE-2018-8088", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548909", }, ], notes: [ { category: "description", text: "An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", title: "Vulnerability description", }, { category: "summary", text: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-8088", }, { category: "external", summary: "RHBZ#1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-8088", url: "https://www.cve.org/CVERecord?id=CVE-2018-8088", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", }, ], release_date: "2018-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:15:33+00:00", details: "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1447", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.4", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", }, ], }
RHSA-2018:1451
Vulnerability from csaf_redhat
Published
2018-05-14 20:51
Modified
2025-04-09 17:23
Summary
Red Hat Security Advisory: eap6-jboss-ec2-eap security update
Notes
Topic
An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise
Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise
Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).
With this update, the jboss-ec2-eap package has been updated to ensure
compatibility with Red Hat JBoss Enterprise Application Platform 6.4.19.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise\nApplication Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise\nApplication Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the jboss-ec2-eap package has been updated to ensure\ncompatibility with Red Hat JBoss Enterprise Application Platform 6.4.19.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:1451", url: "https://access.redhat.com/errata/RHSA-2018:1451", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", }, { category: "external", summary: "1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1451.json", }, ], title: "Red Hat Security Advisory: eap6-jboss-ec2-eap security update", tracking: { current_release_date: "2025-04-09T17:23:50+00:00", generator: { date: "2025-04-09T17:23:50+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2018:1451", initial_release_date: "2018-05-14T20:51:07+00:00", revision_history: [ { date: "2018-05-14T20:51:07+00:00", number: "1", summary: "Initial version", }, { date: "2018-05-14T20:51:07+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-09T17:23:50+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", product: { name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", product_id: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-ec2-eap@7.5.20-1.Final_redhat_1.ep6.el6?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product: { name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product_id: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-ec2-eap@7.5.20-1.Final_redhat_1.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product: { name: "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product_id: "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-ec2-eap-samples@7.5.20-1.Final_redhat_1.ep6.el6?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", }, product_reference: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", }, product_reference: "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", relates_to_product_reference: "6Server-JBEAP-6.4", }, { category: "default_component_of", full_product_name: { name: "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", product_id: "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", }, product_reference: "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEAP-6.4", }, ], }, vulnerabilities: [ { cve: "CVE-2016-4978", discovery_date: "2016-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1379207", }, ], notes: [ { category: "description", text: "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", title: "Vulnerability description", }, { category: "summary", text: "Artemis: Deserialization of untrusted input vulnerability", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-4978", }, { category: "external", summary: "RHBZ#1379207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1379207", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-4978", url: "https://www.cve.org/CVERecord?id=CVE-2016-4978", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", }, ], release_date: "2016-09-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Artemis: Deserialization of untrusted input vulnerability", }, { cve: "CVE-2017-3163", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2017-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1454783", }, ], notes: [ { category: "description", text: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", title: "Vulnerability description", }, { category: "summary", text: "solr: Directory traversal via Index Replication HTTP API", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-3163", }, { category: "external", summary: "RHBZ#1454783", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1454783", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-3163", url: "https://www.cve.org/CVERecord?id=CVE-2017-3163", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", }, ], release_date: "2017-02-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "solr: Directory traversal via Index Replication HTTP API", }, { acknowledgments: [ { names: [ "Liao Xinxi", ], organization: "NSFOCUS", }, ], cve: "CVE-2017-15095", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2017-10-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1506612", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15095", }, { category: "external", summary: "RHBZ#1506612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15095", url: "https://www.cve.org/CVERecord?id=CVE-2017-15095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, { category: "workaround", details: "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", }, { acknowledgments: [ { names: [ "0c0c0f from 360观星实验室", ], }, ], cve: "CVE-2017-17485", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2017-12-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1528565", }, ], notes: [ { category: "description", text: "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-17485", }, { category: "external", summary: "RHBZ#1528565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-17485", url: "https://www.cve.org/CVERecord?id=CVE-2017-17485", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2017-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", }, { cve: "CVE-2018-1304", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2018-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548289", }, ], notes: [ { category: "description", text: "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1304", }, { category: "external", summary: "RHBZ#1548289", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548289", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1304", url: "https://www.cve.org/CVERecord?id=CVE-2018-1304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", }, ], release_date: "2018-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", }, { cve: "CVE-2018-7489", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1549276", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-7489", }, { category: "external", summary: "RHBZ#1549276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-7489", url: "https://www.cve.org/CVERecord?id=CVE-2018-7489", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", }, { category: "external", summary: "https://access.redhat.com/solutions/3442891", url: "https://access.redhat.com/solutions/3442891", }, ], release_date: "2018-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, { category: "workaround", details: "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", }, { acknowledgments: [ { names: [ "Chris McCown", ], }, ], cve: "CVE-2018-8088", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2018-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548909", }, ], notes: [ { category: "description", text: "An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", title: "Vulnerability description", }, { category: "summary", text: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", title: "Vulnerability summary", }, { category: "other", text: "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-8088", }, { category: "external", summary: "RHBZ#1548909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548909", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-8088", url: "https://www.cve.org/CVERecord?id=CVE-2018-8088", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", }, ], release_date: "2018-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-05-14T20:51:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:1451", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", }, ], }
ghsa-387v-84cv-9qmc
Vulnerability from github
Published
2018-10-18 16:40
Modified
2022-09-17 00:06
Severity ?
Summary
Improper Limitation of a Pathname ('Path Traversal') in org.apache.solr:solr-core
Details
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.
{ affected: [ { package: { ecosystem: "Maven", name: "org.apache.solr:solr-core", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "5.5.4", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "Maven", name: "org.apache.solr:solr-core", }, ranges: [ { events: [ { introduced: "6.0.0", }, { fixed: "6.4.1", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2017-3163", ], database_specific: { cwe_ids: [ "CWE-22", ], github_reviewed: true, github_reviewed_at: "2020-06-16T20:54:26Z", nvd_published_at: null, severity: "HIGH", }, details: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", id: "GHSA-387v-84cv-9qmc", modified: "2022-09-17T00:06:46Z", published: "2018-10-18T16:40:43Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2018:1447", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2018:1448", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2018:1451", }, { type: "ADVISORY", url: "https://github.com/advisories/GHSA-387v-84cv-9qmc", }, { type: "WEB", url: "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488@%3Csolr-user.lucene.apache.org%3E", }, { type: "WEB", url: "https://www.debian.org/security/2018/dsa-4124", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", type: "CVSS_V3", }, ], summary: "Improper Limitation of a Pathname ('Path Traversal') in org.apache.solr:solr-core", }
fkie_cve-2017-3163
Vulnerability from fkie_nvd
Published
2017-08-30 14:29
Modified
2025-04-20 01:37
Severity ?
Summary
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*", matchCriteriaId: "C0CB118A-E405-41E5-B25F-C151B14292A7", versionEndIncluding: "5.5.3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:solr:6.0.0:*:*:*:*:*:*:*", matchCriteriaId: "29F3170C-C5D6-431F-A2DD-692636CF5DAB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:solr:6.0.1:*:*:*:*:*:*:*", matchCriteriaId: "BA339070-A2BD-4559-B400-2BC2EB9923A7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:solr:6.1.0:*:*:*:*:*:*:*", matchCriteriaId: "B737CF14-C14A-4D97-B838-47EC4A2C68C8", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:solr:6.2.0:*:*:*:*:*:*:*", matchCriteriaId: "036F935D-B469-47C6-AF5D-3DFC73070753", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:solr:6.2.1:*:*:*:*:*:*:*", matchCriteriaId: "42A1A17A-32EA-40A2-9A1E-6019B493B5C1", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:solr:6.3.0:*:*:*:*:*:*:*", matchCriteriaId: "76557E9C-1F16-44D9-ACA1-F4DAEC966F05", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:solr:6.4.0:*:*:*:*:*:*:*", matchCriteriaId: "DE068A02-D47A-4C6C-BFD3-040385599CA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", }, { lang: "es", value: "Cuando se usa la característica Index Replication, los nodos Apache Solr pueden tomar archivos index de un nodo master/leader usando una API HTTP que acepta un nombre de archivo. Sin embargo, Solr en versiones anteriores a la 5.5.4 y en versiones 6.x anteriores a la 6.4.1 no valida el nombre de archivo, por lo que fue posible manipular una petición especial que involucre un salto de ruta, dejando expuestos todos los archivos legibles en el proceso de servidor Solr. Los servidores Solr protegidos y restringidos por reglas de firewall y/o autenticación no estarían en riesgo ya que solo los clientes y usuarios de confianza obtendrían acceso HTTP directo.", }, ], id: "CVE-2017-3163", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-08-30T14:29:00.207", references: [ { source: "security@apache.org", url: "https://access.redhat.com/errata/RHSA-2018:1447", }, { source: "security@apache.org", url: "https://access.redhat.com/errata/RHSA-2018:1448", }, { source: "security@apache.org", url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { source: "security@apache.org", url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { source: "security@apache.org", url: "https://access.redhat.com/errata/RHSA-2018:1451", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488%40%3Csolr-user.lucene.apache.org%3E", }, { source: "security@apache.org", url: "https://www.debian.org/security/2018/dsa-4124", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2018:1447", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2018:1448", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2018:1449", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2018:1450", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2018:1451", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488%40%3Csolr-user.lucene.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2018/dsa-4124", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.